Full time, on-site
Responsibilities:
- Perform security assessments, including penetration testing, vulnerability scanning, and code reviews, to identify security weaknesses in applications.
- Collaborate with development teams to remediate identified vulnerabilities and implement secure coding practices.
- Develop and deliver security training to development teams on secure coding techniques and common vulnerabilities.
- Define and implement application security testing strategies, including static analysis, dynamic analysis, and software composition analysis.
- Integrate security testing tools and processes into the CI/CD pipeline.
- Contribute to the development and maintenance of application security policies, standards, and procedures.
- Research and evaluate new application security tools and technologies.
- Monitor application security metrics and provide regular reports on the security posture of applications.
- Participate in incident response activities related to application security.
- Champion a security-first culture within the engineering organization.
Requirements:
- A Bachelor’s degree in Computer Science or a related field is a plus.
- Minimum of 2 years of experience as an Application Security Engineer, Penetration Tester or in a similar role.
- Strong understanding of application security concepts, including OWASP Top 10, CWE Top 25, and SANS Critical Security Controls.
- Experience with various application security testing tools and techniques (e.g., SAST, DAST, SCA).
- Proficiency in at least one scripting language (e.g., Python, JavaScript, Ruby).
- Experience with secure coding practices and vulnerability remediation.
- Familiarity with CI/CD pipelines and DevOps practices.
- Excellent communication and collaboration skills.
- Ability to work independently and as part of a team.
- Experience with cloud platforms (AWS is an advantage).