Application Security Engineer
Latin America
Applications have closed
Media.Monks
We’re Media.Monks – global content, data, and media powerhouse. Our solution is simple and singular: Disrupting the industry, driven by digital.Application Security Engineer
Position description:
As an Application Security Engineer will be contributing to improve the security within the SDLC by identifying and implementing appropriate security controls such as training the teams in secure development practices, implementing SAST flows and growing security testing capabilities. You’ll be the POC for AppSec for development and operations teams.
Key accountabilities:
- Design best practices for implementing security by design on new developments.
- Train development teams on secure coding and security best practices.
- Advise on good security practices and solution threats (via threat modeling).
- Implement and manage SAST strategies company cross.
- Assess software and infrastructure code from a security standpoint and communicate any identified risk.
- Support the development team in the remediation of security problems.
- Perform security testing on web sites, web applications and mobile applications.
Minimum Qualifications:
- 3 years or more of experience in similar positions (Blue Team - Defensive Security Engineer and Ethical Hacker or Pentesters).
- Knowledge in frameworks such as: OWASP
- Prior experience in vulnerability management with SAST/DAST automation
- Experience finding vulnerabilities in web/mobile applications, testing software and infrastructure security using appropriate, existing or bespoke, automated security tools.
- Penetration testing qualifications e.g. OSCP, CREST, TIGER or equivalent
- Experience in threat modeling and attack vectors
- Very good English, both written and verbal
- Knowledge of secure development in AEM, PHP, Node, API Rest, Drupal and Mobile..
Qualities:
- Good communication skills, with the ability to convey security complexities to audiences of various technical abilities.
- Ability to confidently present findings to other teams.
- Self-directed, resourceful, and a critical thinker with attention-to-detail and proactive problem-solving skills.
- Ability to self-organize and plan activities with commitment towards results.
- Ready to learn new contents both from others or self-learned.
- Passionate about self-improvement and suggesting improvements to processes or activities.
Preferred Qualifications:
- Knowledge of cloud environments (AWS and GCP)
- Scripting experience (Python, Perl, Powershell, etc)
- Knowledge of any of these tools or similar: Nmap, Metasploit, SQLmap, Burp Suite, Nessus, Shodan, and others related to cloud security evaluation.
About Media.Monks:
Media.Monks is on a mission to create a new future for this industry. Our vision? Build everything with a belief that changing for good comes from changing who does the work. Yep, that means you. Welcome to the party—one global, cross-cultural collective with a passion for using our skills to create better and a better world. That’s how we’re able to connect the dots between data, content, digital media, and technology from everywhere we are—a true end-to-end model. Joining the Media.Monks collective means having the opportunity to create award-winning work with some of the most gifted, focused, joyful, talents from all over the world.
At Media.Monks, you’ll be joining a highly ambitious company on a global mission to win the decade by changing the industry for good. Partner to 8 of the 10 most innovative companies in the world, Media.Monks works with established as well as up-and-coming global, regional, DTC and B2B brands, helping them own their data and build out customer ecosystems to elicit smart, efficient, high-impact engines for growth. We deliver table stakes quickly, creating cost efficiencies from day one to push up the creative effectiveness of our work with every cycle.
We are an equal-opportunity employer committed to building a respectful and empowering work environment for all people to freely express themselves amongst colleagues who embrace diversity in all respects. Including fresh voices and unique points of view in all aspects of our business not only creates an environment where we can all grow and thrive but also increases our potential to produce work that better represents—and resonates with—the world around us.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: APIs Application security Automation AWS Blue team Burp Suite Cloud CREST DAST GCP Metasploit Nessus Nmap OSCP OWASP Pentesting Perl PHP PowerShell Python SAST Scripting SDLC SHODAN Vulnerabilities Vulnerability management
Perks/benefits: Startup environment Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open Cybersecurity Consultant jobs
- Open IT Security Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Senior Information Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open Sr. Security Engineer jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Malware-related jobs
- Open Security Clearance-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open CEH-related jobs
- Open Forensics-related jobs
- Open Kubernetes-related jobs