Application security

Exp : 8yrs to 12yrs

Job Summary:

This Application Security Engineer will be responsible for day-to-day engineering and operations work within our AppSec program. This includes both evaluating and setting up new AppSec tools, triaging application vulnerability findings from our existing tools, coordinating third-party pentests, and working directly with software engineers to provide software security architecture guidance. This role requires both a solid understanding of offensive and defensive software security concepts, and the ability to communicate effectively with software engineers across the firm.

Key Responsibilities:

• Collaborate with software engineers to design and facilitate the implementation of secure software architecture.
• Evaluate and set up software security tools to enhance our AppSec posture.
• Conduct security assessments of existing applications and software systems.
• Monitor and track the effectiveness of security measures and remediation efforts.
• Stay updated on the latest application security threats, trends, and best practices.
• Work closely with internal teams, including both IT and Security stakeholders, to align application security initiatives with company objectives.
• Assist in developing security training programs for software engineers.

Qualifications:

• Strong knowledge of application security architecture and tools.
• Experience with security assessment tools and methodologies.
• Ability to analyze complex security issues in software systems and provide actionable recommendations.
• Strong communication and interpersonal skills.
• Practical certifications such as those from Offensive Security, GIAC, ISC2, and others are a plus.
• Strong analytical and problem-solving skills.