As a Product and Software Security Analyst, you will play a crucial role in our cybersecurity efforts, focusing on offensive security, fraud analysis, secure application development, and threat modeling. You will collaborate closely with cross-functional teams to ensure the security and integrity of our digital assets and infrastructure.
WHAT YOU’LL DO:
•Participate in projects focused on offensive security, including penetration testing (Pentest) and Red Team exercises under the guidance of senior team members;
•Assist in conducting fraud analysis to identify and mitigate potential risks and vulnerabilities;
•Provide support in building secure applications, leveraging your knowledge of web application security and the Software Development Life Cycle (SDLC).
•Assist in threat modeling using industry-standard methodologies such as ASVS and Irius Risk.
•Support the evaluation of Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) tools and contribute to vulnerability assessments.
•Assist in the execution of penetration tests on web applications, mobile applications, and APIs, and contribute to the delivery of vulnerability reports and recommendations for remediation to the development team.
•Contribute to projects involving Red Team exercises and Mitre Telecommunication&ck framework.
•work With Data Protection and Compliance Leadership, work with business lines on specific projects related to Privacy Operations, Data Protection Operations, and leveraging governance tools to track data and assets.
•Perform various privacy assessments using OneTrust.
SDLC mobile-applications API data-protection web-application-security penetration-testing