Especialista Seguridad en Desarrollos y Gestión de Incidentes de SI

Information Technology Mexico City, Mexico


Position at Alten Mexico

The Security Champion role is to support IT System team of french loans specialized company in Santa Fe. 

The objective of your mission is to determine the degree of risk present in the applications and developments carried out for the entity, either by internal personnel or external suppliers, through risk analysis at a technical level, and report and follow up on the mitigation plans and measures established.

Your main activities will be: 

  • Execute periodic technical controls (scans, vulnerability tracking, penetration tests, etc.) on the applications and source code of the developments made either by internal personnel or external suppliers, in order to identify the associated risks and define together with the development area mitigation action plans.
  • Evaluate the requirements of new developments to corroborate that the security requirements are considered, and that they are validated in the corresponding tests prior to release to production.
  • Manage IT security tools focused on application security management (vulnerability analysis, code analysis, library analysis, WAF, IPS, etc.), and monitor that they operate according to the organization's policies.
  • Generate and maintain the inventory of applications, API's, developments, libraries, etc., and prepare periodic consolidated reports of risk levels by vulnerabilities, obsolescence level, IT security measures implemented or pending implementation, and if necessary the associated mitigation plans.
  • Follow up the IT security alerts generated in the monitoring tools (SIEM, DLP, WAF, IPS) coming from the different applications and developments for a timely detection and attention of IT security incidents, and generating and submitting periodic reports, and following up the action plans that are defined.

This job might be for you if you have:

  • Bachelor of Science Degree in Computer Systems or equivalent
  • Technical knowledge in application vulnerability analysis (OWASP).
  • Intermediate knowledge of programming (java, .NET) and database management.
  • Basic knowledge of data networks and Operating System administration (Windows, Linux).
  • Knowledge of policies, procedures, standards, norms, standards and best practices regarding Information Security, such as: NIST (National Institute of Standards and Technology), ISO 27001 (International Organization for Standardization) 27001.
  • Experience with vulnerability analysis tools (Nesus, Qualys, Fortify, Sonatype).
  • Desirable 3 years of experience in vulnerability analysis in applications and application source code
  • Desirable technical certifications or courses in penetration testing and/or vulnerability analysis (OWASP).
  • Desirable knowledge in mobile application development and vulnerability analysis in mobile applications (Apps).
  • Knowledge of Agile methodologies (Agile, Scrum)

Welcome Home! 

Alten Technology is a an Equal Opportunity Employer. Our Policy is to extend opportunities to qualified applicants and employees on an equal basis regardless of an individual’s age, race, color, sex, religion, national origin, disability, sexual orientation, gender identity/expression or veteran status.