Web Security Specialist

Web Security Specialist


Date Posted: 31 May, 2021

Location: CET timezone, TELECOMMUTE

Web Security Specialist

Location: CET time zone. Candidates based outside the EU must be willing to work in the GMT time zone.

  • Profound expert knowledge of Web systems especially CMS (Mobile, Web, API, Microservices and Database)
  • Hands on knowledge on Web security modules and secure configuration
  • Profound knowledge on Role Based Access Control (RBAC) for Web applications
  • Configure and implement SCM gitflows and CI/CD tools as per architecture
  • Integrating security into build automation, deployment automation, test automation, SDLC orchestration, environment management, monitoring, and production
  • Support the engineering teams in growing and maintaining the Infrastructure as code / Continuous Integration / Continuous Delivery
  • Support build and release processes for multiple solution layers including front-end (Mobile and Web), API, Microservices and Database, for dev, test, and production servers
  • Mentor development teams, review pull requests, and guide evolution of the development pipeline



  • Must have a solid exposure to web security and coding standards
  • Knowledge in managing, securing and preparing Dev, Test and Production environments
  • Experience with multiple Application Security Tools (SAST, DAST, IAST, MAST Security Static/Dynamic code analyses and Interactive application security testing) and the integration into the SDLC via CI Automation and Integration (focus on SAST using Checkmarx)
  • Familiar with ISMS(ISO/IEC 27000), NIST Cybersecurity Framework, CIS Controls and Open Web Application Security Project
  • Experience with modern application packaging, deployment, containerisation, bug tracking tools and other supporting tools (TeamCity, Jenkins, Docker, Kubernetes, Jira, Confluence, etc.);
  • Strong RESTful API development. API Gateway knowledge is a plus
  • Experience and solid knowledge on computer and network security
  • Hands-on experience and proficiency in API test automation and standardisation
  • Must have practical experience managing Agile Release Management and maintaining a scalable SDLC
  • Must have administered and automated practical solutions for SDLC and Release management through CI/CD and related tools including but not limited to: Bitbucket, Jenkins, Maven, Nexus, Artifactory, SonarQube, Jira, Confluence, and collaboration tools such as MS Teams or Slack;
  • CISSP certification highly appreciated
  • Drupal or other related Web CMS Experience is highly preferred.



Company Overview:

Node.Digital is an independent Digital Automation & Cognitive Engineering company that integrates best of breed technologies to accelerate business impact.

Our Core Values help us in our mission. They include:


**Identifying the~RIGHT PEOPLE~and developing them to their full capabilities**

**Our customer’s “Mission” is our “Mission”. Our~MISSION FIRST~approach is designed to keep our customer fully engaged while becoming their trusted partner**

**We believe in~SIMPLIFYING~complex problems with a relentless focus on agile delivery excellence**

**Our mantra is “~Simple*Secure*Speed~”in delivery of innovative services and solutions**

Apply for the job