Overview

Recruiter - Lorena Padilla

Position reports to: Fernanda Bedolla

This position will take the direct hands-on responsibility for ci/cd pipeline expansion, implementation, and operation during business hours and will assist the Regional Cybersecurity Leads in tasks focused on identifying, monitoring, measuring, assessing, handling, and diminishing risks. Will be also responsible for providing support to the region on the proper operation, implementation, and troubleshooting of security controls according to Herbalife's Cybersecurity policies and procedures and for troubleshooting issues, participating in incident response, and following up on risks and gap remediation. Finally, this position will lead worldwide Cybersecurity projects for either, putting in place new controls in place or upgrading/improving current ones.

Job Qualifications

Qualifications:

1. Skills: (List 3+ required and preferred skills or abilities)

Required

• 4+ years of proven experience in software engineering or related experience
• Bachelor's in information technology or related field.
• Strong communication skills in English
• Proven work experience as a software security engineer
• Pentesting knowledge and experience
• Software development experience in one of the following core languages: .NET, .net core, java (oracle ADF framework is a plus), Node JS - Ansible or React
• Adequate knowledge of web related technologies (Web applications, Web Services and Service Oriented Architectures) and of network/web related protocols
• Scripting
• Demonstrated security knowledge
• Strong technical acumen; creativity; interpersonal skills; emotional intelligence
• Knowledge of common web application and mobile frameworks
• Software design and development
• Related experience in the IT Security field.
• Detailed technical knowledge of techniques, standards and state-of-the art capabilities for authentication and authorization, applied cryptography, security vulnerabilities and remediation

Preferred

• Ability to build and maintain effective working relationships at all levels of the organization.
• Strong business ethics surrounding access to confidential information.
• Take ownership of initiatives and projects, and manage time.
• Provide concise and regular updates to management.
• Professional attitude towards teammates and colleagues.
• Ability to interact effectively at all levels with sensitivity to cultural diversity.
• Ability to function as an effective team member.
• Ability to adapt as the external environment and organization evolves.
• Development API's and security features
• Strong knowledge and understanding of HTTP/S protocols
• A solid foundation in computer science, with strong competencies in data structures, design patterns, object-oriented programming, algorithms and software design.
• Excellent analytical skills with the ability to resolve technical issues as both an independent thinker and team member with a focus of action with results.
• Ability and willingness to learn quickly new skills
• Flexibility to work in an agile and fluid environment

Preferred

• Knowledge of app dev security frameworks, standards and best practices such as Owasp Security Pipeline, OWASP Top, OWASP ASVS, SANS 25, WASC, OWASP Code Review Guide, OWASP Testing Guide
• Application Security Certifications - ISC2 | SANS | ECCOUNCIL
• Understanding of basic Cryptography and algorithms.