The Application Security Engineer will be pivotal in integrating security into our development and operations processes. As an expert in development and security, the ideal candidate will foster a culture of shared security responsibility across the entire organization. This position requires a balance of application security know-how and some DevOps experience.
Key Responsibilities
- Secure Software Development: Ensure security measures are embedded throughout the development lifecycle.
- Tool Management: Manage security tools and solutions.
- Security Assessments: Perform regular security assessments, code reviews, and penetration tests.
- Automation: Integrate security tools, standards, and processes into the CI/CD pipeline and KPI reporting.
- Collaboration: Partner closely with IT and development teams to ensure secure architectural designs and to address application security concerns.
- Training & Culture: Advocate for a strong security culture and provide development teams with secure coding training and resources to help them build secure applications from the start.
- Documentation: Maintain DevSecOps and secure software development documentation to ensure accuracy.
- Continuous Learning: Stay updated with security trends, vulnerabilities, and best practices.
Minimum Qualifications
- Bachelor's degree in Computer Science, IT, or related field.
- 2+ years of proven experience in a similar role.
- A strong understanding of the OWASP Top 10 vulnerabilities.
- Proficiency in Python, basic JavaScript, Bash, Powershell, and C# knowledge.
- Hands-on experience with CI/CD tools and integrating security into DevOps processes.
Read Full Description