- Create and develop a security architecture of the solution;
- Define security requirements from compliance drivers;
- Help the development team to implement security features in the product;
- Implement security best practices in CI/CD practices.
- Experience in Security SDLC;
- Experience with OWASP Software Assurance Maturity Modell (OSAMM);
- Experience in implementation and assessment of OWASP ASVS;
- Experience in Threat modeling, Business impact analysis;
- Knowledge of HIPAA, HITRUST, SOC2;
- Knowledge of OWASP TOP 10;
- Experience with penetration testing, and security tools;
- Knowledge of AWS;
- Understanding of cryptography.
- Good communication skills, ability to conduct email communications, lead security-related meetings and discussions;
- At least Intermediate level of English including cybersecurity-related vocabulary (Customers from the USA).
Would be a plus (not mandatory):
- Cybersecurity certifications;
- Experience in fintech and healthcare domains.