Application Security

We are looking for an experienced Application Security Engineer to join us! As an Application Security Engineer, you will work as a part of our security engineering team and you will collaborate with other IT professionals to ensure that user data is protected.

Responsibilities:

1. Vulnerability Assessment: Conduct regular security assessments of applications to identify and prioritize vulnerabilities.
2. Penetration Testing: Perform penetration testing on web and mobile applications to simulate real-world cyber-attacks and uncover potential weaknesses.
3. Code Review: Review application code to identify and remediate security flaws, ensuring adherence to secure coding practices.
4. Security Architecture Review: Evaluate the overall security architecture of applications and propose improvements to enhance resilience against cyber threats.
5. Incident Response: Collaborate with incident response teams to investigate and respond to security incidents related to applications.
6. Security Awareness: Develop and deliver security training and awareness programs for development teams to promote a security-first mindset.
7. Security Standards Compliance: Ensure applications comply with relevant security standards, regulations, and best practices.
8. Security Testing Automation: Implement and maintain automated security testing tools to streamline the security testing process.
9. Security Documentation: Create and maintain comprehensive security documentation, including risk assessments, security policies, and procedures.
10. Collaboration: Work closely with cross-functional teams, including developers, system administrators, and network engineers, to integrate security measures throughout the software development lifecycle.
 

Qualifications:

1. 6 to 10 Years of experience with Bachelor's degree in Computer Science, Information Security, or related field.
2. Proven experience in application security, including vulnerability assessment and penetration testing.
3. Strong understanding of secure coding practices and knowledge of common security vulnerabilities.
4. Familiarity with security standards and frameworks such as OWASP, ISO 27001, and NIST.
5. Experience with security testing tools and automation.
6. Excellent communication and collaboration skills.
7. Relevant certifications such as CISSP, CEH, or OSCP are a plus.
8. Ability to stay up-to-date with the latest security trends, threats, and technologies.