Description
Job Responsibilities:
- Perform security assessments and manual penetration testing using tools such as Burp Suite and other proxy tools.
- Triage static (SAST), dynamic (DAST), interactive (IAST) analysis results to identify, prioritize and remediate security vulnerabilities.
- Integrate security practices into C/CD pipeline to support DevSecOps initiative.
- Maintain documentation of security findings, remediation plans, and compliance requirements
- Develop and interpret security policies and procedures Participate in security compliance efforts
- Develop and deliver training materials and perform general security awareness and specific security technology training
- Evaluate and recommend new and emerging security products and technologies
- Leverage GenAI technologies to scale application security reviews and automate code analysis
- Evaluate various application security tools/capabilities i.e., SAST,DAST, IaC, Secrets detection tools]
- Stay current with emerging security threats and countermeasures.
- Ability to train or explain the common security issues to raise the security awareness among developers and assurance engineers.
- Perform AWS configuration reviews
Qualifications:
- Bachelor's degree in a technical field such as computer science, computer engineering or related field required
- 5+ years of experience required in Cyber security and application security
- Familiarity with SAST, DAST, IAST tools.
- Understanding of AWS is required
- Deep understanding of OWASP top issues and remediation guidelines.
- Proficiency in one or more programming language ( Java, Python, JavaScript is preferred)
- Understanding of CI/CD tools such as Jenkins and GITLAB.
- Familiarity with GenAI tools is a plus.
- Strong experience and detailed technical knowledge in security engineering, system and network security, authentication and security protocols, cryptography, and application security
- Candidates with software development background is a plus
- Consistent implementation of security solutions
- Experience in infrastructure or application-level vulnerability testing and auditing
- Certifications like GWAPT, OSWE, Burp Suite Certified Practitioner are good to have
Key Skills
Education
Any Graduate
- Posted On: Today
- Experience: 5+ years of experience
- Openings: 2
- Category: Application Security Engineer
- Tenure: Flexible Position