Description

As an Application Security Engineer, you will play a crucial role in safeguarding software by identifying vulnerabilities, conducting penetration tests, and collaborating with development teams to embed security practices throughout the development lifecycle.

Requirements

• •4+ years of experience in application security
• •Strong knowledge of common application security risks and mitigation
• •Experience with secure coding practices in Python, Go, Java, or JavaScript
• •Proficiency in a common programming language with willingness to learn Go
• •Hands-on experience with security testing tools
• •Understanding of authentication protocols like SAML or OIDC
• •Experience in conducting threat-modeling sessions
• •Strong problem-solving and analytical skills
• •Good written and verbal communication skills in English
• •Willingness to learn new things
• •Comfortable working independently
• •Experience in designing, building, and maintaining security automation
• •Experience in translating compliance and regulation requirements into technical specifications
• •Experience in exploiting vulnerabilities in web applications, Linux kernels, containers, and networks
• •Security certifications such as OSCP or OSWE

Tasks

• •Build and maintain ASPM tools and rules
• •Identify, analyze, and remediate application security vulnerabilities using ASPM tools
• •Collaborate with development teams to integrate security best practices into the SDLC
• •Conduct manual and automated penetration testing of applications
• •Develop and maintain secure coding guidelines for development teams
• •Facilitate threat modeling and risk assessments for new and existing applications
• •Stay updated on the latest security threats, vulnerabilities, and mitigation techniques
• •Serve as a subject matter expert in application security for other teams

Tools & Technologies

Benefits