Typical Day in the Role:
• Collaborate with stakeholders across the client – technology, application security product, security advisory, fraud, compliance and business channel teams – to drive the product features and roadmap in application security domains like SAST, MAST, SCA, DAST, etc.
• Policies for SCA – Security Policies, Licensing Policies and Operational Policies
• Mobile App Publishing – coordinate with stakeholders to define the minimum security requirements for publishing a mobile app to an app store (Google Play Store, Apple, etc.)
• Continuously evolve app sec product features based on industry best practices and emerging security threats
• Govern and define DevOps pipeline and developer tooling use cases to integrate with enterprise app sec products
• Work closely with multiple cross-enterprise teams on requirements gathering and the adoption of new security products
• Implementation and operations governance based on the defined enterprise standard solution architecture and design patterns
• Co-ordinate efforts from business and technology teams.
• Communicate regularly with various business channels on the progress made for various projects in the pipeline
Must Have Skills/Requirements:
• 10+ years’ experience in IT Security with focus on application security and/or DevOps
• 3+ years’ product management or similar experience with AppSec domains like SAST, MAST, SCA, DAST and/or tools like Veracode, Checkmarx, NowSecure, Fortify, Snyk, Burp Suite, ZAP, etc.
• 3+ years’ experience with documenting process, requirements and product information
• General knowledge of threat modeling, vulnerability management and risk assessment
• General knowledge of OWASP Top 10, MITRE, CVE/CVSS
• 3+ years’ experience in the financial industry
Nice to have Skills:
• Experience with deployment and managing IaaS, PaaS & SaaS solutions
• Experience with infrastructure as code (IaC)
• Experience with API Security
• 3+ years’ experience with popular CI/CD tools like Jenkins, Azure DevOps, GitLab CI/CD, CircleCI
• 3+ years’ experience with CI/CD pipeline tools and processes like Bitbucket/GitHub, JFrog Artifactory, Ansible, Confluence, Jira, Bamboo, etc.
• Experience building business cases demonstrating the value of a product and cost-benefit analysis
• Security certifications like CISSP
Education: Post Secondary Experience