Location: Remote

Position Type: Contract

Posted: Jan 2024

 

Job Description: We are seeking a talented and experienced Senior Application Security Engineer to join our team. The Senior Application Security Engineer will be responsible for leading the design, implementation, and management of application security measures to protect our software products from cyber threats and vulnerabilities. The ideal candidate will have a strong background in application security, hands-on experience with secure coding practices, and a deep understanding of web application vulnerabilities and attack vectors.

​

Responsibilities:

• Lead the development and implementation of application security strategies, policies, and procedures to ensure the security of our software products throughout the development lifecycle.

• Conduct security assessments and code reviews of applications to identify and remediate security vulnerabilities and weaknesses.

• Develop and implement secure coding standards and best practices for developers to follow, including providing guidance and training on secure coding techniques.

• Collaborate with cross-functional teams, including software developers, architects, and product managers, to integrate security requirements into the software development process and ensure that security is built into our applications from the ground up.

• Stay updated on emerging threats, vulnerabilities, and security technologies related to application security, and provide recommendations for improving our security posture.

• Lead incident response efforts related to application security incidents, including investigating security breaches, analyzing root causes, and implementing corrective measures to prevent future incidents.

​

Requirements:

• Bachelor's degree in Computer Science or Information Technology, or Military, or relevant certifications.

• 3-5 years of experience in application security engineering or related roles.

• In-depth knowledge of web application security vulnerabilities, such as OWASP Top 10, and secure coding practices.

• Hands-on experience with application security testing tools, such as SAST, DAST, and IAST tools.

• Strong understanding of software development methodologies, including Agile and DevOps practices.

• Experience with secure coding languages and frameworks, such as Java, .NET, Python, or Node.js.

• Relevant certifications (e.g., Certified Application Security Engineer (CASE), Certified Information Systems Security Professional (CISSP), Offensive Security Certified Professional (OSCP)) preferred.

• Excellent analytical, problem-solving, and communication skills.

• Ability to work independently and collaboratively in a fast-paced environment.