IT Application Security Champion - Gothenburg

Veritaz is a fast-growing IT consulting firm with a global presence. Our diverse team consists of exceptionally talented individuals from Sweden, the UK, the US, and Pakistan, bringing together a wealth of knowledge and expertise to deliver outstanding solutions to our clients. We are proud of our inclusive and collaborative culture and offer ample opportunities for professional growth and development. Join us on our remarkable journey as we continue to make a significant impact in the IT industry.

Assignment Description:

We are seeking an experienced IT Application Security Champion who will be responsible for implementing and maintaining security measures, identifying vulnerabilities, and mitigating risks across applications with multiple technologies.

What you'll do:

· Collaborate with the Security Operations Centre (SoC) to enable and enhance regular Security Risk Assessments (SRA) in Application Security.

· Interface with relevant stakeholders to obtain security policies, guidance, and tooling requirements.

· Implement Static Application Security Testing (SAST) tools like Fortify and Dynamic Application Security Testing (DAST) tools like Burpsuite across applications built with technologies such as Java, Spring Boot, and ASP .Net.

· Ensure that security elements are integrated throughout the DevSecOps lifecycle as specified by the client.

· Conduct risk assessments based on SAST & DAST reports, working closely with Solution Architects and lead developers to mitigate risks and address application code vulnerabilities.

· Safeguard assets and data, identifying vulnerabilities and implementing risk mitigation strategies.

· Educate Solution Architects and application developers on security threats, vulnerabilities, and best practices.

· Provide recommendations for improving application security from a holistic standpoint.

· Utilize Key Management Solutions to secure, store, and control access to tokens, passwords, certificates, API keys, and other sensitive information.

· Implement encryption and tokenization techniques for securing data at rest and data in transit.

Who you are:

· Proven experience working with security functions and Security Operations Centre (SoC) to enable and enhance Security Risk Assessments (SRA) in Application Security.

· Hands-on experience implementing Static Application Security Testing (SAST) tools like Fortify and Dynamic Application Security Testing (DAST) tools like Burpsuite across applications built with Java, Spring Boot, and ASP .Net.

· Familiarity with the DevSecOps lifecycle and integrating security measures at each stage.

· Proficient in conducting risk assessments based on SAST & DAST reports and collaborating with Solution Architects and lead developers to address vulnerabilities and enhance application code.

· Excellent communication and interpersonal skills to educate Solution Architects and application developers on security threats and mitigation strategies.

· Experience with Key Management Solutions for secure token, password, certificate, and API key management.

· Familiarity with encryption and tokenization techniques for securing data at rest and in transit.