Senior Application Security Engineer

Job Title: Senior Application Security Engineer

Location: Trivandrum

Experience Range: 4+ yrs

The Senior Application Security Engineer is a hands-on role focused on application development security. This role requires a broad, deep level of technical expertise and information security experience. The Senior Application Security Engineer collaborates with staff developers, Information Technology, business users, and Information Security to assess and manage static and dynamic code analysis initiatives; design, select and deploy technical controls to meet security and business requirements; and implement secure software engineering processes, standards, and tools. The Senior Application Security Engineer is a mentor to security team members from an application standpoint.

Desired experience and skills

Minimum 4 years of application security experience

1-2 years AppDev experience preferred (C# or Java preferred)

Understanding of OWASP Top 10 and CVE/SANS Top 25

Experience with code scanning tools for SAST/DAST/SCA

Able to communicate complex AppSec concepts to developers of different levels

Knowledge of compliance controls (SOX, PCI, GDPR, etc.)

Experience or Knowledge in API Security Testing

Experience or Knowledge in Application Security Testing of Thick Client Applications

Understanding of AppSec in mobile development (iOS, Android)

Knowledge of OWASP SAMM or BSIMM industry maturity models (preferred)

Experience in integrating AppSec tools and practices into an enterprise DevOps environment or CI/CD pipeline (Azure DevOps preferred)

Understanding of AppSec in a cloud native environment (preferred)