Job Description
The Technical Specialist - AppSec Community Manager will be part of the Secure-SDLC team and presented with a blank canvas to develop a Community of software developers acting as AppSec Champions in their respective teams. This person will have a strong understanding of Software Development with a focus on Application Security while talented in bringing people together with a strong sense of community. You will be familiar with the setup, administration and management of an interactive AppSec training platform.
Role
- Develop and manage a community of Application Security Champions using a game-like interactive training platform
- Administer and manage the AppSec training platform (Codebashing by Checkmarx)
- Cultivate engagement by being a creative facilitator ensuring the community is vibrant via value added experiences
- Engage the software developer community promoting Application Security channelling cross-pollinating ideas
- Plan, organize and facilitate events and activities creating positive and valuable interactions for community members
Requirements
- Bachelor’s degree in Computer Science, or a related field or equivalent
- 2+ years of relevant, engineering experience in a large enterprise environment
- 2+ years’ experience as a Security Champion/AppSec Leader in a Secure-SDLC/DevSecOps context
- 2+ years’ experience using an interactive AppSec training platform
- Familiar with DevOps Pipeline CI/CD implementation tools (Gitlab, Github, Jenkins, Artifactory, Nexus, etc.)
- Familiar with Application Security tools implementation and integration in a CI/CD Pipeline (SAST/DAST/IAST/SCA: Jfrog X-ray, Checkmarkx, SonarQube, etc.).
- Knowledge of Application Security standards and remediation techniques (OWASP, CWE, STRIDE, etc.)
- Ability to explain vulnerabilities and weaknesses and discuss effective defensive techniques
- Knowledge of and experience working with Checkmarx Codebashing (a definite plus!)
- Self-starter who is comfortable getting going from scratch and being resourceful
- Strategic thinker who is also willing to roll up your sleeves and get your hands dirty
- Natural connector who can draw people in and get involved even if you aren’t an expert in the domain
- Experience having grown or led a developer community
- Knowledge of Agile, Kanban and Scrum methodologies
- Knowledge of project management, collaboration and issue tracking tools (Confluence, Jira, Slack, etc.)
- Intermediate user of Microsoft Office Suite
- Strong verbal and written communication skills with demonstrated technical leadership
- Bilingual is a must