Application Security Specialist

APPLICATION SECURITY SPECIALIST RESUME EXAMPLE

Updated:
July 26, 2024 - The Application Security Specialist identifies and communicates risks in applications, development processes, and architecture, collaborating with engineering teams to develop mitigation plans. They conduct security reviews, provide feedback to development teams, and enhance Secure SDLC delivery. Additionally, they manage security policies, coordinate penetration tests, and develop application security training, ensuring adherence to industry best practices and the integration of security‑by‑design principles.

Job Summary:

• Security testing and code review to improve software security
• Test and implement software security techniques in reference to architecture.
• Troubleshoot and debug issues as and when they arise.
• Working with engineering teams, handling reviews in regards to software solutions to help mitigate security issues
• Contribute to all levels of the architecture, handling Threat models
• Consult team members in regard to coding
• Identify and mitigate external threats to the organisation and employees
• Develop a familiarity with new tools and best practices
• Evolve, drive and execute a comprehensive strategy for Application Security at EXFO.
• Develop and implement application security controls and formulate effective risk mitigations along with assisting in security awareness programs.
• Conduct risk and vulnerability assessment at the system and application level.
• Provide security subject matter expertise including product design/usability implications.
• Meet with application and product teams to discuss vulnerability remediation.
• Provide timely and detailed reports, with proofs of findings, analysis of risk, and remediation advice and instructions.
• Help in creating Application Security policy standards and guidelines

Skills on Resume:

• Security Testing & Code Review (Hard Skills)
• Software Security Implementation (Hard Skills)
• Threat Modeling (Hard Skills)
• Adaptability & Learning (Soft Skills)

Job Summary:

• Identify risks and areas of exposure in applications, development process, and architecture, and communicate them
• Collaborate with engineering teams to build a plan to address them
• Perform security reviews of source code, server/service configurations, and provide feedback to development and Dev Ops teams
• Work closely with Info Sec and App Sec teams to manage both internal security policies and penetration tests.
• Help develop relevant application security training for the RnD teams
• Demonstrate advanced understanding of business processes, internal control risk management, IT controls and related standard and ensuring software security.
• Identify and evaluate complex business and technology risks, internal controls that mitigate risks, and related opportunities for internal control improvement
• Ensuring software stack utilized incorporates security‑by‑design and follows industry best practices.
• Perform security penetration tests (both application and infrastructure for Web and mobile applications)
• Perform security design reviews and threat modeling
• Manage and enhance application security tools (Static Code Analysis, Open Source vulnerabilities tools, Dynamic Application Security tools, etc)
• Develop in‑house application security automation tools
• Analyze, validate and verify potential threats and vulnerabilities

Skills on Resume:

• Secure SDLC (Hard Skills)
• Training Development (Hard Skills)
• Business Process Understanding (Soft Skills)