Application security testercountry: mexico*grupo santande *r es el banco líder que a través de más de 160 años de reinvención, ha llegado a ser una organización sin fronteras con presencia en más de 40 países, 95 nacionalidades y equipos multiculturales que comparten 4 idiomas.
lo importante para nosotros son nuestros clientes, colaboradores, accionistas y la sociedad, como parte de nuestra misión, que es contribuir al progreso de las personas y empresas, actuando siempre de forma sencilla, personal y justa.en este momento nos encontramos en búsqueda de talento como: application security testing*knowledge and experience*:- must have a bachelor's degree computer science, software dev, info sec, security engineering, etc.- experience detecting threats and vulnerabilities.- knowledge of common software vulnerabilities, such as those in the owasp texperience with cvss and how to apply.- security certifications a plus.- ethical hacking experience a plus.
*essential duties and responsabilities.
*- knowledge of common software vulnerabilities, such as those in the owasp top 10.- experience with cvss and how to apply.- acts as influencer of peers and management.- conducts software composition analysis, sast, dast and penetration testing.- conducts penetration testing (eg, internal, external, wireless, physical, social, etc.
)- post vulnerability assessment, work with various stakeholders to provide remediation to the identified risks and bring the same to closure.- conducts walk-through of the assessment report to the stakeholders and help define remediation plan.- creates process improvement by identifying inefficiencies and solutions for process improvements.- oversees monitoring of security reports to identify issues and follow these issues to resolution.- provides direction and act as an escalation point on projects and issues to other team members.- updates job knowledge by tracking and understanding emerging security practices and standards; participating in educational opportunities; reading professional publications; maintaining personal networks; participating in professional organizations.- works with various teams to follow a pre-assessment plan/ and assessment schedule for every assessment, conduct threat assessment, and deliver an assessment report.- writes clear implementation guidelines for the implementation engineers.
*location*:- *cdmx/ queretaro.