Manages security risk management strategies for large, complex projects by supporting security risk assessment plans; determining testing scope for assigned projects; measuring and evaluating security metrics; reviewing and approving security requirements; identifying dependencies and risks; providing recommendations on prioritization for risk remediation efforts based on criticality; evaluating application and system deployments for security risks and developing code in order to secure gaps; and outlining risk mitigation deliverables and deadlines.
Troubleshoots critical security defects in application and systems coding for large, complex projects by performing security testing and secure code review; reviewing and analyzing security defect information (for example, issue, impact, criticality, possible root cause); developing testing frameworks that are sustainable across multiple projects; developing testing plans to test code for security vulnerabilities; establishing testing standards and processes to meet security metrics; interpreting results to determine further action; evaluating security vulnerabilities to identify trends; performing root cause analysis to prevent reoccurrence of risks; and developing code fixes or solutions for security vulnerabilities.
Leads secure code practice and application penetration testing for large, complex projects by consulting with software development teams in the application of security methodologies and techniques; reviewing project requirements; writing and developing code to drive security testing systems; communicating project status and issues to appropriate team members and stakeholders; evaluating results against expected results; troubleshooting open issues and security vulnerability fixes; ensuring on-time delivery and hand-offs of project action items; and updating project teams regarding results and needed fixes.
Additional Job Description
Walmart InfoSec is seeking experienced and well-rounded penetration testers that will be part of an elite team responsible for protecting the globally distributed information assets of the world’s largest company through specialized security testing. This person is a persistent and resourceful security practitioner with a knack for finding vulnerabilities, practices a persistent approach for proving exploitable findings and possesses a steadfast willingness to collaborate with some of the brightest security professionals.
Outlined below are the required minimum qualifications for this position. If none are listed, there are no minimum qualifications.Minimum Qualifications: Bachelor’s degree in Computer Science, Information Technology, Engineering, Computer Information Systems, or related field and 3 years' experience in information technology or related field within the last 7 years OR 5 years' experience in information technology or related field within the last 7 years OR a Master's degree in Computer Science, Information Technology, Engineering, Computer Information Systems, or related field and 2 years' experience in information technology or related field within the last 7 years
Outlined below are the optional preferred qualifications for this position. If none are listed, there are no preferred qualifications.Customer Service, Information Security, Information Technology, Photo Studio Management, Project Management, Responsible for third party vendor relationships, Retail Industry, Retail Management, Retail Software Programs, Support, Technical Strategy, Testing Technologies, Troubleshooting, Using audio, visual, or broadcasting equipment, Using WFC SOAP adapters as transport