Description
IMPORTANT
Top 3 skills needed
Self organize project/program manager Great communicator with a strong sense of community and able to bring people together Application Security knowledge and experience enabling relationship with developers Since it is remote during Covid, are you open to receiving people from Toronto, Ottawa , Maritimes etc. ? Montréal, Ottawa or Toronto are OK as long as ready to work from office after COVID
Bilingual? Is a must
1. Will this person be responsible for managing people? No2. Will this person be specifically managing the Checkmarx Codebashing training platform? Yes3. Will this person be responsible for developing training? Yes4. Has client had someone work in this role before? If so, what did they call themselves? No, this is a new role.
The Technical Specialist - AppSec Community Manager will be part of the Secure-SDLC team and presented with a blank canvas to develop a Community of software developers acting as AppSec Champions in their respective teams. This person will have a strong understanding of Software Development with a focus on Application Security while talented in bringing people together with a strong sense of community. You will be familiar with the setup, administration and management of an interactive AppSec training platform.
Role
Develop and manage a community of Application Security Champions using a game-like interactive training platformAdminister and manage the AppSec training platform (Codebashing by Checkmarx)Cultivate engagement by being a creative facilitator ensuring the community is vibrant via value added experiencesEngage the software developer community promoting Application Security channelling cross-pollinating ideasPlan, organize and facilitate events and activities creating positive and valuable interactions for community membersRequirements
Bachelor’s degree in Computer Science, or a related field or equivalent2+ years of relevant, engineering experience in a large enterprise environment2+ years experience as a Security Champion/AppSec Leader in a Secure-SDLC/DevSecOps context2+ years experience using an interactive AppSec training platformFamiliar with DevOps Pipeline CI/CD implementation tools (Gitlab, Github, Jenkins, Artifactory, Nexus, etc.)Familiar with Application Security tools implementation and integration in a CI/CD Pipeline (SAST/DAST/IAST/SCA: Jfrog X-ray, Checkmarkx, SonarQube, etc.).Knowledge of Application Security standards and remediation techniques (OWASP, CWE, STRIDE, etc.)Ability to explain vulnerabilities and weaknesses and discuss effective defensive techniquesKnowledge of and experience working with Checkmarx Codebashing (a definite plus!)Self starter who is comfortable getting going from scratch and being resourcefulStrategic thinker who is also willing to roll up your sleeves and get your hands dirtyNatural connector who can draw people in and get involved even if you aren’t an expert in the domainExperience having grown or led a developer communityKnowledge of Agile, Kanban and Scrum methodologiesKnowledge of project management, collaboration and issue tracking tools (Confluence, Jira, Slack, etc.)Intermediate user of Microsoft Office SuiteStrong verbal and written communication skills with demonstrated technical leadership
