Secure Coding Engineer

Key Responsibilities:

• Lead security design reviews for applications, components, and services.
   
• Execute manual and automated security tests to identify vulnerabilities across web, mobile, and microservices.
   
• Continuously research and apply modern security testing and discovery techniques.
   
• Contribute to secure coding strategies and help shape mid- to long-term plans for improving the bank's security testing practices.
   
• Drive secure coding and automated testing efforts within the development lifecycle.
   
• Prioritize, track, and resolve security issues and risks.
   
• Perform unit, integration, and assembly testing with a focus on security.
   
• Integrate security testing into CI/CD pipelines for continuous assurance.
   

Qualifications:

• Minimum 5 years of experience in application development or security engineering.
   
• Strong foundation in software engineering and programming.
   
• Experience with secure coding practices and common application security frameworks.
   
• Familiarity with SDLC and ability to embed security into every stage (minimum 3 years experience in SDLC).
   
• Knowledge of OWASP Top 10 and common vulnerability management techniques.
   
• Experience working with CI/CD pipelines and modern DevSecOps environments.
   

Preferred Skills:

• Hands-on experience with security testing tools (e.g., Burp Suite, OWASP ZAP, SAST/DAST tools).
   
• Familiarity with cloud security principles and microservices architecture.
   
• Ability to clearly communicate technical findings to both engineers and non-technical stakeholders.
   
• A mindset focused on continuous improvement, innovation, and collaboration.