Application Security Engineer

Job Summary  
As an Application Security Engineer, you will join our rapidly growing Cybersecurity team and will be responsible for ensuring that applications are designed, developed, and deployed with robust security measures in place. This role involves working closely with development teams to identify, mitigate, and prevent potential security vulnerabilities throughout the software development lifecycle. 

What You’ll Do 

• Mature security integration into Software Development Lifecycle.
• Collaborate with development team and facilitate code reviews and vulnerability identification
• Perform Treat modeling and risk assessments
• Asist in Incident response and remediation of identified security related events
• Oversee security tooling and automation as it relates to software vulnerabilities

What We Need 

• 3+ years of experience in application security, software development, or a similar role. 
• Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or a related field. 
• Proficiency in programming languages (e.g., Python, Java, Java Spring Boot, JavaScript).
• Experience with security testing tools (e.g., Burp Suite, Checkmarx, OWASP ZAP, SonarQube).
• Demonstrable understanding of encryption, authentication protocols, and identity management. 
• Strong understanding of web application security, cloud security, and mobile app security.
• Proficient guiding development teams understanding best practices in secrets management. 

Desired Qualifications 

• Relevant industry certifications 
• Certified Information Systems Security Professional (CISSP) 
• Certified Secure Software Lifecycle Professional (CSSLP) 
• Certified Ethical Hacker (CEH) 
• GIAC Web Application Penetration Tester (GWAPT) 

What You’ll Need to Succeed 

• Exceptional organizational skills 
• Strong problem-solving skills and ability to work independently. 
• Excellent communication and collaboration skills, supporting multifunctional teams 
• Ability to explain complex security issues in a clear and concise manner to non-technical stakeholders. 
• Curiosity and continuous learning