Main Responsibilities

• Do penetration testing and vulnerability assessments on apps
• Find and fix security holes in the designs, code, and settings of applications, whether they are new or being changed
• Work with developers to make security a part of the Software Development Life Cycle (SDLC)
• Encourage safe coding practices including input validation, encryption, and authentication methods
• Look into and deal with security problems with applications, including breaches or malware infestations
• Do a root cause analysis and suggest ways to stop it from happening again
• Make sure that apps follow security standards like PCI-DSS, ISO 27001, or OWASP Top 10
• Make and enforce rules and procedures for application security
• Use and set up technologies like Web Application Firewalls (WAFs), Static and Dynamic Application Security Testing (SAST/DAST) tools, and tools that secure your system while it's running
• Keep an eye on how your apps are used all the time for anything strange or suspect
• Teach developers and other people involved about the risks and recommended practices for application security
• Hold workshops or make materials to help development teams think about security first
• To fix security problems, work with teams from different departments, such as developers, DevOps, and BT
• Tell both technical and non-technical stakeholders about the risks and the remedies
• Keep current with new threats and innovations in the field of application security
• Suggest and put into action changes that will make the application's security posture better

What you need to know, be able to do, and have experience with

Academic Qualifications

Experience

Other Skills and Qualifications

• Familiarity with systems architecture and systems development
• Experience and knowledge in penetration testing of applications
• Training and skills in designing and securing web apps
• Knowledge about Web Application Firewalls
• Being good with security tools like firewalls, intrusion detection systems, and encryption
• Know-how and experience with cyber defense tools and tactics
• Having experience managing UNIX and Windows servers is a plus
• Unix and Windows technical expertise, as well as Python scripting skills
• You must have expertise creating technical and management reports for stakeholders
• Must be able to solve problems better than most people, be well-organized, and communicate well
• People think of him as an out-of-the-box thinker who is eager to learn
• Ability to keep solid relationships with stakeholders, a strong work ethic, and the ability to work well with others as well as on their own
• Knowledge of security frameworks and rules like PCI-DSS and ISO 27001
• Ability to quickly respond to security events and analyze what happened thereafter
• Ability to test security solutions, both in-house and on other systems, before they go into production
• The ability to teach personnel about the best ways to be safe and encourage a culture of security awareness
• Advanced expertise in business architecture and IT security
• Inductive reasoning and analytical thinking
• Planning and organizing
• Strategic Perspective: Set priorities, tough goals, and measurements that are in line with these goals and the vision of the organization
• Critical Thinking and Decision-Making: Identify problems and work on finding solutions that work
• Good Communicator: Able to clearly and simply express concepts in both speech and writing
• Leadership and Interpersonal Skills: Build a culture where everyone is always learning and taking responsibility for themselves and their team
• Encourage Commitment: Actions and words are in line with each other
• Self-Development: Works to make good changes in oneself and the organization Makes their own plan for personal growth

Invitation

Please use the link below to apply if you think you satisfy the standards listed above: www.careers.dfcugroup.com When you arrive there, click on "Career Opportunities" to begin 

(For the best experience, we suggest using Google Chrome) Due Date: September 4, 2025

 We will only get in touch with those who are on the short list 

Please be aware that all of the rules and terms for hiring that are listed in the HR Policies and Procedures Manual will apply