Application Security Engineer - AppSec
Biassono, Italy
Docebo
Docebo's learning platform enables you to drive engagement, productivity, and connections with your customers, partners, and employees.
Requirements:
- Deep technical knowledge of Threat Modeling and OWASP methodologies.
- Hands-on experience using Burp Suite, ZAP, SAST & DAST tools.
- Understanding of how scanning tools, penetration tests, and post-deploy scanning tools work together in the application security lifecycle.
- Deep, hands-on experience implementing AppSec tools into a DevOps pipeline.
- Solid understanding of application security issues, risks, and mitigation strategies.
- Experience developing and refining Secure SDLC documents and processes.
- Experience building and leading Information Security training focused on secure development practices and based on OWASP principles.
- Experience assessing and securing open-source software components.
- Advanced interpersonal, verbal, and written communication skills.
Responsibilities:
- Provide application security support to development teams. This includes collaborating to manage and integrate application security tools and processes.
- Provide vulnerability and remediation guidance, and perform basic configuration of scans.
- Triage and validate scan findings before inputting the associated work tickets.
- Maintain a focus on automation, to support scalability and efficiency.
- Coordination and review of penetration testing activities by third-party ethical hackers and vendors.
- Tuning of DAST/SAST/SCA tools to remove false findings.
- Management of the Threat Modeling program, to drive a triaged and structured approach towards managing security risks.
- Work closely with architecture and product teams to drive security issues to resolution, and monitor against SLAs.
Nice to have:
- Background as a Developer, with experience in QA.
- Experience as a DevOps or SRE Engineer.
- Experience in Software Development and/or Security-related positions.
- Hands-on experience with Terraform is a plus.
- Professional certification is a plus (OSCP, SANS, or similar).
Tags: Application security Automation AWS Burp Suite DAST DevOps OWASP Pentesting SaaS SANS SAST SDLC Security assessment SLAs Terraform
Perks/benefits: Career development Flex vacation Team events