Architect
INDIA - BENGALURU - BIRLASOFT OFFICE, IN
Birlasoft
At Birlasoft we combine the power of domain, enterprise, and digital technologies to reimagine business potential. Surpassing expectations, breaking convention!
Essential job tasks
Job Title: Senior Application Security Consultant
Job Summary: We are seeking a highly skilled and experienced Senior Application Security Consultant to join our team. The successful candidate will have a deep understanding of security practices and possess expertise in running programs based on Dynamic Application Security Testing (DAST), Static Application Security Testing (SAST), Penetration Testing, Red Teaming, and Bounty Hunting at an organizational level. This role involves leading teams and hands-on work identifying, analyzing, and mitigating security vulnerabilities in applications and systems, as well as leading security initiatives across the organization.
Key Responsibilities:
• Conduct DAST and SAST to identify and remediate security vulnerabilities in applications.
• Perform comprehensive penetration testing to assess the security posture of applications and infrastructure.
• Lead Red Team engagements to simulate advanced persistent threat scenarios and assess the effectiveness of security controls.
• Develop and implement security policies, standards, and best practices for application security.
• Collaborate with development teams to integrate security into the software development lifecycle (SDLC).
• Conduct application security assessments, including threat modelling, vulnerability assessments, and penetration testing.
• Ensure secure software deployment through continuous integration and delivery (CI/CD) pipelines.
• Knowledge of cybersecurity trends and hacking techniques and of the MITRE ATT&CK framework, with a hacker mindset.
• Engage in bounty hunting activities to discover and report security vulnerabilities in our products and services.
• Develop and implement security policies, procedures, and best practices at the organizational level.
• Collaborate with cross-functional teams to integrate security measures into the software development lifecycle.
• Provide mentorship and guidance to junior security engineers and other team members.
• Stay updated with the latest security trends, threats, and technologies to ensure our defenses are always ahead of potential risks.
• Work closely with cross-functional teams (DevOps, Development, IT, Security) to address security challenges and support business objectives.
• Provide leadership in the security aspects of digital transformation initiatives.
• Liaise with external vendors for security assessments and compliance audits.
Required Qualifications:
• Bachelor’s degree in Computer Science, Information Security, or a related field.
• 10+ years of experience in application security, with a focus on DAST, SAST, penetration testing, Red Teaming, and bounty hunting.
• Strong understanding of security frameworks and standards (e.g., OWASP, NIST, ISO 27001).
• Proven experience with security tools such as Burp Suite, Kali Linux, Nessus, Metasploit, SNYK, ArmorCode, Nucleus Security and others.
• Excellent problem-solving skills and attention to detail.
• Strong communication and leadership skills.
• Preferred relevant certifications such as OSCP, CEH, CISSP, or equivalent.
Preferred Qualifications:
• Master’s degree in Information Security or a related field.
• Experience with cloud security and securing cloud-native applications.
• Familiarity with DevSecOps practices and tools.
Tags: Application security Audits Burp Suite CEH CI/CD CISSP Cloud Compliance Computer Science DAST DevOps DevSecOps ISO 27001 Kali Linux Metasploit MITRE ATT&CK Nessus NIST OSCP OWASP Pentesting Red team SAST SDLC Security assessment Vulnerabilities