Must Have Skills
Skill 1 – Should have good understanding of DevSecOps concepts/principles and cloud native services, to enable secure development and deployment of applications in the Cloud
Skill 2 - Work with Information Security and Information Technology teams to build & maintain controls to manage varied risks including application and cyber risks
Skill 3 – Familiarity with the tools for various security activities: Static Code Analysis, DAST Penetration Testing, Intrusion Detection/Prevention, etc
Skill 4 - Experience working in semi-conductor industry is a plus
Qualification
- Bachelor's degree or equivalent experience in Security
- Minimum 6 to 8 years of experience in Application and/or product security
- Knowledge of regulatory guidelines and standards such as ISO27001, SEMI Standards, etc.
- A thorough understanding of common application security tools, code libraries and documentation.
- Understanding of threat modeling, security vulnerabilities, attacker exploit techniques, and methods for their remediation.
- Familiarity with the tools for various security activities: Static Code Analysis, DAST Penetration Testing, Intrusion Detection/Prevention, etc.
- Experience in performing source code review
- Working knowledge of one scripting language and or familiarity with at least one software programming language and a framework is a plus
- Excellent written and verbal communication skills with the ability to adapt messaging to executive, technical, and non-technical audiences.
- Certification in any security area is a plus
- Experience working with manufacturing equipment or industrial equipment is a plus
- Experience working in semi-conductor industry is a plus