The Application Security Engineer is responsible for ensuring the security of applications in use by the company. This includes conducting security assessments, implementing security measures, and providing guidance and expertise to development teams. The Application Security Engineer will work closely with stakeholders to identify and mitigate vulnerabilities, protect sensitive data, and ensure compliance with security standards.
Responsibilities:
- Conduct security assessments of applications, including threat modeling, vulnerability scanning, and code review.
- Identify security risks and provide recommendations for remediation.
- Implement security controls and measures to protect against identified risks.
- Work closely with development teams to integrate security principles and best practices into the software development lifecycle.
- Collaborate with stakeholders to ensure compliance with security standards and regulations.
- Maintain up-to-date knowledge of application security threats and mitigation techniques.
- Participate in incident response activities related to application security incidents.
Requirements
Requirements:
- Bachelor's degree in Computer Science or related field.
- Minimum of 5 years of experience in application security or related role.
- Strong knowledge of web application security principles and common vulnerabilities (e.g. OWASP Top 10).
- Experience with web application security assessment tools (e.g. Burp Suite, OWASP ZAP).
- Familiarity with secure coding practices (e.g. secure coding guidelines, input validation, output encoding).
- Knowledge of secure development frameworks and libraries (e.g. Spring Security, .NET Core Security).
- Understanding of encryption, authentication, and authorization mechanisms.
- Experience with security incident response and handling.
- Ability to communicate technical concepts to non-technical stakeholders.
- Security certifications (e.g. CSSLP, GWAPT, CISSP) are a plus.
•
Last updated on Jul 6, 2024