Estuate - Cyber Security Consultant - OWASP/Nessus (7-15 yrs)

Job Description :

- End-to-end activities that belong to the secure software development lifecycle for products.

- Defining adequate cyber security mitigation, identifying threats, assessing risks, definition of security testing methods and scope, and track remediation actions of security findings during development.

- Conduct planning and execution of 3rd party review activities (Verification & Validation) related to Cybersecurity and Software Architecture.

- Proactively identify flaws in product security, assess patient safety and business risk, and advise product managers on remediation steps.

- Advice product teams to plan and implement adequate cybersecurity maintenance activities throughout the product's life-cycle.

- Support development and maintenance of processes and tools for threat modeling, cybersecurity risk assessment, security testing with penetration testing tools, like Kali ,Linux, OWASP ZAP, Nessus and others.

As Security and Privacy lead, you will have :

- Minimum 6.5 years of related work experience in product security, with demonstrated experiences in areas such as :

- SDLC in Software Development, Network technology, Cryptography, Cloud computing technologies, DevSecOps methodologies etc.

- Threat modeling, attack surface analysis, risk management, security testing, penetration testing and remediation activities.

- Security by design and default concepts, OS hardening system and cloud infrastructure hardening and monitoring

- Preferable certifications : CISSP

- Working knowledge of security controls, guidelines and standards (e.g., ISO27000 series, OWASP, CSA CCM, CIS 20 Critical Security Controls, SOC 2, and NIST)

- Good understanding of privacy and data protection regulations (e.g., HIPAA, EU GDPR)

- Demonstrated soft skills : problem solving, leadership, communication, teamwork, flexibility and adaptability