Appscan Technical advisor

What we are looking for

We are looking for a professional with deep knowledge in Application Security, including expertise in scan technologies such as SAST, DAST, SCA, and IAST. The ideal candidate is a thought leader in DevSecOps, with extensive hands-on experience in secure SDLC processes. They should possess strong competence in software and Infrastructure-as-Code, particularly with languages and tools like Python, Java, Kubernetes, and Helm. Additionally, the candidate should have experience integrating security tools within CI/CD pipelines and providing consulting on technical and process analyses.

What does the job involve

• Engaging with customers to understand their security requirements and identify potential security gaps in their application environment.
• Participating in customer meetings and presentations supporting the sales team with objection handling.
• Providing technical expertise and support to the sales team by conducting tailor made product demonstrations based on customer requirements.
• Conducting product evaluations and proof-of-concept (POC) demonstrations to help customers understand how the solutions work.
• Put together a POC document template with industry use cases, Success criteria to be discussed with customers before start of a POC for maximizing output better understanding of customer landscape.
• Put together a regular cadence with the customer executing POCs without the help/support of a TA to support the customer in executing the POC in time.
• Help responding to RFPs/tenders by collaborating with professional services teams, product management teams partner technical teams (if any). Detailed responses to be documented with use cases details, diagrams etc. instead of a straight Yes/No response.
• Support Sales team in sizing licenses for the customer based on understanding of the requirements.
• Developing technical and business knowledge around competitive solutions and maintaining up-to-date knowledge of industry trends.
• Participating in industry events, conferences, and webinars to showcase the security solutions and create awareness.
• Conduct bi-weekly technical webinars around new features, basic understanding of solution, etc. for the specific region TA is responsible for
• Supporting post-sales activities such as COE Support, basic training, and ongoing customer support to make sure customers are satisfied it can help in growing business.

Qualifications

• Knowledge on Application Security all scan technologies like SAST, DAST, SCA, IAST etc.
• Professional-level DevSecOps knowledge and thought leadership covering the majority of the secure SDLC.
• Competent, hands-on skills crafting software and Infrastructure-as-Code, particularly using Python, Java, Kubernetes, Helm.
• Competent, hands-on experience with modern software development tools and processes.
• Competent, hands-on experience with SCA and SAST security tool integration within CI/CD pipelines.
• Some experience with consulting, conducting technical and process analyses, and the crafting of documentation – including leveraging wikis along with traditional document formats.
• Assist Engineering teams to build Threat Models, fix issues identified during SAST and DAST scans and adherence to security policies
• Keep track of vulnerabilities and aid towards closure
• Disseminate information about the secure coding guidelines to the teams
• Stay current on the vulnerabilities and remediation, Share knowledge to Engineering teams
• Knowledge and experience in working with API Mobile security and mitigations.
• Knowledge and understanding of secure SDLC (System Development Life Cycle) methodologies.
• Experience in drafting application security coding standards.
• Knowledge and experience in identifying and suggesting mitigations to OWASP top 10, CWE/SANS top 25 to development teams.

Benefits

• Bonus
• Full benefits package that Begins on Day 1 of employment
• Competitive PTO

Location

Angola, Morocco, South Africa, Egypt

Lugar de trabajo