jobid=A.0.0702
pstrongJob description: /strong /pbrpThe Development Services department is the knowledge center within ABN AMRO for everything concerning software development. It’s goal is to continuously improve the quality of the software development process and it’s deliverables. To accomplish that mission, we harvest best practices from the development community and translate these into standards and guidelines. Common for all technologies is the need for strong security. The Secure Coding (SECO) team takes care of all matters concerning the security of software development. A Domain Expert for SECO helps development teams in the organisation with improving the quality of security of their products. /p brpstrongTeam activities: /strong /pbrpThe SECO team manages the ABN AMRO ruleset for tools like Fortify and NexusLC in collaboration with the ABN AMRO developer communities and QA authority. We look into security issues in the Code and give teams advice on how to remediate this. If teams create tickets to request exceptions, we evaluate these cases. Also we investigate possibilities to improve code security within the bank and we allocate a part of our time to investigate existing or develop new security tools. /pbrpstrongWith the following results: /strong /pbrullipSecure coding standards and guidelines /p /lilipSecure software development tools and processes /p /lilipCoaching ABN AMRO staff on secure development practices /p /lilipFuelling the Security Triangle community /p /li /ulbrpstrongRelevant knowledge skills competences: /strong /pbrpAs a Domain Expert for SECO, the candidate must be an expert in software development security (methodologies) and associated tools. Must have technical experience: /ppstrongVulnerabilities /strong: /pp- OWASP /pp- SANS /ppThreat modelling: STRIDE /pbrpstrongDevelopment /strong: /pp- Proficient in at least one major programming language (Java / Javascript / Python / C# / Swift / Go) /ppPublic Cloud technology: /pp- Azure /pp- Azure DevOps /pbrpstrongVersioning /strongtools: /pp- Git /pp- Bitbucket /pbrpstrongBuild tools: /strong /pp- Maven /pp- Gradle /pbrpstrongQA tools: /strong /pp- SonarQube /pp- Fortify /pp- Nexus Lifecycle /p brpstrongMust have personal skills: /strong /pbrullipFluent English (Dutch not required) /p /lilipCoaching Feedback /p /lilipTaking ownership /p /lilipTraining /p /lilipConvincing /p /lilipEnterprise awareness /p /lilipIntercultural awareness /p /li /ul
Deel deze vacature: