Application Security Engineer

What you do:

Ensure security and quality of a wide range services and products
Conduct regular security assessments, code inspection, design review and penetration testing on new and existing products to proactively find potential vulnerabilities
Security consulting of implementation and enforcement of secure design principles according to policies, standards and security guideline for web and mobile application
Provide security expertise and guidance to engineering and business teams
Build security tools and monitoring that enables security team to scale
Work with software engineers to analyze security vulnerabilities and follow through with issues until resolution

What you need to succeed in this role:

3 years of experience in application-level vulnerability testing, penetration testing or building software security controls

Experience in identifying and remediating common web and mobile application vulnerabilities such as OWASP Top 10, Mobile Top 10

Experience in use of various commercial and open source penetration testing tools

Foundation in, and in-depth technical knowledge of software development, security engineering, computer and network security, cloud security, authentication, security protocols and applied cryptography

It would be great if you have:
Understanding of modern IT infrastructure; cloud environments (AWS preferred) and Linux containers and orchestration systems (Kubernetes)
Understanding of cryptography, web service frameworks, mobile application architectures, and service architectures
Experience with one or more programming languages (such as Java, C++, Ruby, Python, Perl, Go ) and development framework (Spring Framework, Swift, Kotlin, React Native, ReactJS, VueJS) for the purpose of code review
Application security certification such as CISSP, CSSLP, OSCP, CEH, GPEN