Associate Security Engineer - Application Security

Job Title: Associate Security Engineer - Application Security

Experience: 1 - 2 Years

Work Location: Trivandrum

Position Summary:

The Associate Application Security Engineer is a hands-on role focused on application development security. This role requires a broad, deep level of technical expertise and information security experience. The Application Security Engineer collaborates with staff developers, Information Technology, business users, and Information Security to assess and manage static and dynamic code analysis initiatives; design, select and deploy technical controls to meet security and business requirements; and implement secure software engineering processes, standards, and tools.

Essential Duties and Responsibilities:

• Responsible for assisting team efforts to maintain and automate application security and DevOps tools.
• Collaborate with development teams in identifying and building solutions to secure code.
• Perform periodic secure coding assessments & reviews to assess security vulnerabilities & identify the best way to reduce information security risks.
• Possess the ability to discuss and present technical solutions to all levels of the business.
• Facilitate development group discussions on vulnerability mitigation, good coding practices, and security risks.
• Contribute to the maintenance of static and dynamic code analysis tools.
• Identify new requirements / enhancements to standards, tools, and processes.
• Periodically, conduct developer training on Application Security concepts.
• A willingness to learn new tools and techniques on the fly.

Desired Experience and Skills:

• Masters in Information Security or Bachelors in Computer Science or equivalent.
• Practical hands on knowledge of web application security testing.
• Understanding of OWASP Top 10 and CVE/SANS Top 25
• Understanding of code scanning tools for SAST/DAST/SCA
• Understanding of web application security testing tools