Love this post. There are so many sub-fields of security that it can be really hard to guide people (or yourself) through them.
One of the interesting roles is one I've been embodying for the past few years. It grew out of my Developer/AppSec experience and basically covers "Secure Development" as a whole. It has aspects of the general AppSec roles, with heavy emphasis on Secure Code Reviewer, Security Architect, Developer Education, and (not previously listed) Secure Developer. The last role is someone who specializes in building secure code in especially sensitive settings. They commonly work with developers (playing off the Developer Education and Secure Code Reviewer) while remaining especially hands-on for specialized/sensitive pieces.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
Love this post. There are so many sub-fields of security that it can be really hard to guide people (or yourself) through them.
One of the interesting roles is one I've been embodying for the past few years. It grew out of my Developer/AppSec experience and basically covers "Secure Development" as a whole. It has aspects of the general AppSec roles, with heavy emphasis on Secure Code Reviewer, Security Architect, Developer Education, and (not previously listed) Secure Developer. The last role is someone who specializes in building secure code in especially sensitive settings. They commonly work with developers (playing off the Developer Education and Secure Code Reviewer) while remaining especially hands-on for specialized/sensitive pieces.