Job description:
as a veracode test engineer, you will be responsible for administering application security toolsets and providing global support to it projects. You will oversee the assigned external resources working on veracode services and be the spoc from the zurich side on technical aspects of the service.
responsibilities:
* administrate appsec tools (sast, dast, iast, rasp) under security testing scope using veracode tool
* produce reports and recommendations from findings, include issues uncovered and levels of risk
* collaborate with other internal and external partner organizations on target access and operational issues
* create comprehensive exploitation strategies that identify exploitable technical or operational vulnerabilities within the tool
* propose thorough documentation of implementations via technical documentation and run-books
* support interpretation of security and technical requirements into business requirements and communicate security risks to relevant stakeholders
* propose automating security controls data and processes to provide improved metrics and operational support
* stay abreast of emerging security threats vulnerabilities and controls
* spot and propose new security technologies and best practices
required skills and qualifications:
* experience in application security tool administration
* knowledge of sast dast iast and rasp
* strong analytical and problem-solving skills
* excellent communication and collaboration skills
* ability to work independently and as part of a team
benefits:
at zurich we offer a challenging and inspiring work environment where you can make a difference. Our 53,000 employees worldwide form the basis of our success enabling businesses and communities to face a world of risk with confidence.