Application Security Engineer

Tasks

• Assess application security
• Conduct SAST DAST SCA scans
• Conduct secure code reviews
• Coordinate bug bounty and responsible disclosure
• Create security documentation for developers
• Define application security standards
• Deliver security training and awareness
• Embed security in software development lifecycle
• Evaluate third party libraries and open source components
• Evaluate vendor integrations for security risk
• Integrate security controls into CI/CD pipelines
• Maintain secure coding guidelines
• Perform secrets detection
• Perform threat modeling
• Run penetration testing
• Support incident response for application layer vulnerabilities
• Support security by design for new features
• Triage track and remediate vulnerabilities

Perks/Benefits

• Employee assistance program
• Flexible working
• Hybrid working
• Learning and development opportunities
• Medical insurance
• Paid sick leave
• Paid vacation
• Paid volunteering days
• Pension fund
• Remote work option
• Workplace giving program

Skills/Tech-stack

API Security | AWS | Application Security | Azure | Burp Suite | Business Logic | Business logic flaws | CI/CD | Checkmarx | Code review | DAST | GCP | GitHub Actions | GitLab CI | Go | Java | JavaScript | Jenkins | Logic flaws | OWASP Top | OWASP Top 10 | OWASP ZAP | Penetration Testing | Python | SAST | SCA | Secrets detection | Secure Code | Secure Code Review | Security Testing | Security testing tools | Semgrep | Snyk | Testing tools | Threat modeling | Top 10