Application Security Engineer
Hyderabad
Applications have closed
Appen
See how Appen provides data to improve AI, guide our customers to driving innovation, accelerating AI development, and staying ahead of the competition.
About Appen
Appen is a leader in AI enablement for critical tasks such as model improvement, supervision, and evaluation. To do this we leverage our global crowd of over one million skilled contractors, speaking over 180 languages and dialects, representing 130 countries. In addition, we utilize the industry's most advanced AI-assisted data annotation platform to collect and label various types of data like images, text, speech, audio, and video.
Our data is crucial for building and continuously improving the world's most innovative artificial intelligence systems and Appen is already trusted by the world's largest technology companies. Now with the explosion of interest in generative AI, Appen is helping leaders in automotive, financial services, retail, healthcare, and governments the confidence to deploy world-class AI products.
At Appen, we are purpose driven. Our fundamental role in AI is to ensure all models are helpful, honest, and harmless, so we firmly believe in unlocking the power of AI to build a better world. We have a learn-it-all culture that values perspective, growth, and innovation. We are customer-obsessed, action-oriented, and celebrate winning together.
At Appen, we are committed to creating an inclusive and diverse workplace. We are an equal opportunity employer that does not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.
Position SummaryAn Application Security Engineer at Appen AI plays a pivotal role in ensuring the development of secure applications. Working closely with engineering teams and the Information Security group, this individual ensures that Appen applications are crafted with security at their core.
Appen is a leader in AI enablement for critical tasks such as model improvement, supervision, and evaluation. To do this we leverage our global crowd of over one million skilled contractors, speaking over 180 languages and dialects, representing 130 countries. In addition, we utilize the industry's most advanced AI-assisted data annotation platform to collect and label various types of data like images, text, speech, audio, and video.
Our data is crucial for building and continuously improving the world's most innovative artificial intelligence systems and Appen is already trusted by the world's largest technology companies. Now with the explosion of interest in generative AI, Appen is helping leaders in automotive, financial services, retail, healthcare, and governments the confidence to deploy world-class AI products.
At Appen, we are purpose driven. Our fundamental role in AI is to ensure all models are helpful, honest, and harmless, so we firmly believe in unlocking the power of AI to build a better world. We have a learn-it-all culture that values perspective, growth, and innovation. We are customer-obsessed, action-oriented, and celebrate winning together.
At Appen, we are committed to creating an inclusive and diverse workplace. We are an equal opportunity employer that does not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.
Position SummaryAn Application Security Engineer at Appen AI plays a pivotal role in ensuring the development of secure applications. Working closely with engineering teams and the Information Security group, this individual ensures that Appen applications are crafted with security at their core.
Key Responsibilities
- Experience: Minimum 2-4 years of experience in application security.
- Expertise: Deep familiarity with the OWASP Top 10 and other web application security concerns, including OWASP Application Security Verification Standards (ASVS).
- Security Tools: Familiarity with SAST, DAST, and SCA scans, as well as a strong understanding of OWASP ASVS. Ability to interpret and assess CVEs identified by scanning tools.
- Knowledge: Advanced understanding of front-end and back-end web application development in at least one technology stack (.NET, Java, PHP, Ruby on Rails, Angular, Node.js, etc.).
- Continuous Learning: Demonstrated ability to stay current with trends, techniques, tools, and processes to enhance the security posture of applications.
- Communication: Excellent verbal and written communication skills, including technical writing abilities.
- Team Collaboration: Team-oriented mindset with the ability to produce high-quality work within a fast-paced, dynamic team environment.
- Availability: Ability to work across different time zones and collaborate effectively with geographically dispersed teams.
Responsibilities
- Shift-Left Security in Software Development Life Cycle (SDLC): Implementing security practices from the early stages of application development.
- Security Testing and Implementation: Providing guidelines and implementing tools for Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Software Composition Analysis (SCA), Web Application Firewall (WAF), and Runtime Application Self-Protection (RASP).
- Security Tools Utilization: Leveraging security tools like Kali Linux, Burp Suite, Orca, AWS Web Application Firewall (WAF), and other relevant security tools.
- Coaching and Guidance: Offering coaching and guidance to development teams on security remediation efforts, integrating security scans into their pipelines, and incorporating dependency scans into the development process.
- Threat Awareness and Training: Keeping the teams updated on new application threats and remediation techniques through ongoing improvements and awareness training.
- Identity-Related Best Practices: Providing guidance on OpenID Connect (OIDC), OAuth2, and other identity-related best practices for web and mobile applications.
- Collaboration and Risk Prioritization: Collaborating with the Information Security (InfoSec) team to prioritize applications and vulnerabilities based on risk.
- Documentation and Communication: Maintaining strong documentation and communicating effectively with diverse teams, both verbally and in writing.
- Cloud Security: Proficiency in managing security aspects within AWS or GCP adds significant value to the experience.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Job stats:
19
4
0
Categories:
AppSec Jobs
Security Engineering Jobs
Tags: Application security Artificial Intelligence AWS Burp Suite Cloud DAST Finance Firewalls GCP Generative AI Java Kali Linux Node.js OpenID OWASP PHP Ruby SAST SDLC Vulnerabilities
Perks/benefits: Career development
Region:
Asia/Pacific
Country:
India
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.
Information Systems Security Officer jobsSenior Cybersecurity Engineer jobsInformation System Security Officer jobsSenior Cloud Security Engineer jobsInformation Security Specialist jobsInformation Security Manager jobsSecurity Consultant jobsSenior Network Security Engineer jobsCyber Security Specialist jobsIT Security Engineer jobsSecurity Specialist jobsSenior Information Security Analyst jobsIT Security Analyst jobsSenior Cyber Security Engineer jobsSenior Penetration Tester jobsSystems Engineer jobsChief Information Security Officer jobsSystems Administrator jobsStaff Security Engineer jobsInformation System Security Officer (ISSO) jobsThreat Intelligence Analyst jobsSenior Product Security Engineer jobsSecurity Operations Analyst jobsPrincipal Security Engineer jobsInformation Systems Security Engineer jobs
EDR jobsPowerShell jobsEncryption jobsGDPR jobsDevSecOps jobsSaaS jobsIDS jobsSplunk jobsIPS jobsSDLC jobsRMF jobsTop Secret jobsSQL jobsThreat detection jobsIntrusion detection jobsBash jobsActive Directory jobsDoDD 8570 jobsOWASP jobsITIL jobsCompTIA jobsDocker jobsGIAC jobsUNIX jobsFinance jobs
CRISC jobsCISO jobsIndustrial jobsTCP/IP jobsClearance Required jobsHIPAA jobsBanking jobsJavaScript jobsTerraform jobsIT infrastructure jobsOSCP jobsSOC 2 jobsSANS jobsVPN jobsMITRE ATT&CK jobsCCSP jobsSOAR jobsJira jobsSOX jobsDNS jobsPolygraph jobsGCIH jobsData Analytics jobsNIST 800-53 jobsMachine Learning jobs