Application Security Specialist
Company: The Hertz Corporation
Location: Estero
Posted on: May 24, 2023
|
|
Job Description:
Overview:
The Application Security Specialist is a key member of the Cyber
Security & Compliance organization to monitor internal and external
security threats and risks, provide in-depth analysis, and
remediate to return Hertz to normal business operations. This role
is dedicated to the discipline of Application Security and Secure
Software Development Cycle (SSDLC).
APPLICATION SECURITY
+ Work with a team of Product DevOps/SecOps Engineers to architect
and secure AWS applications.
+ Ensure compliance and security of public cloud properties.
+ Create secure design patterns and libraries for cloud
applications in areas such as data protection, key management,
authentication, and authorization.
+ Develops standards, policies and procedures best practices
documentation.
+ Translate security and technical requirements into business
requirements and communicate security risks to different audiences
ranging from business leaders to engineers.
+ Work closely with application developers and system
administrators to deliver secure solutions to complex technology
challenges and business requirements.
+ Shares lessons learned, initial indicators of detection and
opportunities for strengthening systems and applications to
management.
+ Collects information from a wide variety of sources, and
aggregates the data relevant to the Hertz security environment.
+ Act as a security liaison and present security architecture along
with Application Teams in periodic Architecture Review Board
meetings.
TECHNICAL EXPERTISE
+ Bachelor degree in Computer Science, MIS, or related field.
+ 5+ years of Information Security experience required, preferably
in a global Fortune 500 corporation.
+ Knowledge of OWASP top 10 and able to identify vulnerabilities
and possible exploits. Provide remediation guidance.
+ Strong experience with Amazon EKS Amazon Kubernetes Service
+ Strong understanding of modern deployment tools like Jenkins,
Git, Docker
+ Utilize cloud-based APIs when appropriate to write network/system
level tools for securing cloud environments
+ Familiarity with common web vulnerabilities including: XSS, XXE,
SQL Injection, Deserialization Attacks, File Inclusion/Path
Traversal Attacks, Server-side Request Forgery, Remote Execution
Flaws, Server Configuration Flaws and Authentication Flaws.
+ Experience in testing web-based APIs (i.e., REST, SOAP, XML,
JSON) and AWS Serverless applications.
+ Application or system hardening, Security Testing / Penetration
Testing, Fuzzing, Cloud security.
+ Hands-on experience performing threat modeling, including STRIDE
and PASTA methodologies
+ Familiarity with MITRE ATT&CK Enterprise Matrix and MITRE
D3FEND
+ Excellent written and oral communication skills in English
+ Well versed in a variety of development languages, protocols,
code repositories, and application security testing platforms.
+ Certifications desired: AWS Cloud Practitioner, Certified
Information Systems Security Professional, (CISSP) Certified
Ethical Hacker, (CEH) GIAC Security Essentials Certifications, GIAC
Certified Intrusion Analyst, Global Information Assurance
Certification, Forensics certifications.
The Hertz Corporation operates the Hertz, Dollar Car Rental,
Thrifty Car Rental brands in approximately 9,700 corporate and
franchisee locations throughout North America, Europe, The
Caribbean, Latin America, Africa, the Middle East, Asia, Australia
and New Zealand. The Hertz Corporation is one of the largest
worldwide airport general use vehicle rental companies, and the
Hertz brand is one of the most recognized in the world.
**US EEO STATEMENT**
At Hertz, we champion and celebrate a culture of diversity and
inclusion. We take affirmative steps to promote employment and
advancement opportunities. The endless variety of perspectives,
experiences, skills and talents that our employees invest in their
work every day represent a significant part of our culture and our
success and reputation as a company.
Individuals are encouraged to apply for positions because of the
characteristics that make them unique.
EOE, including disability/veteran
Keywords: The Hertz Corporation, Cape Coral , Application Security Specialist, Other , Estero, Florida
Click
here to apply!
|