More jobs:
Job Description & How to Apply Below
Application Security Engineer
Experience :2 to 5 years
Location :
Alwarpet,Chennai.
Job Summary:
In this role, you will focus on ensuring the security of web applications, mobile applications, and APIs through a combination of proactive security testing, code review, threat modeling, and vulnerability assessments. You will work closely with development teams to integrate secure coding practices and help mitigate risks in the software development lifecycle.
Key Responsibilities:
- Conduct regular security assessments, penetration testing, and vulnerability scans of applications and services.
- Perform static and dynamic analysis on web applications, mobile applications, and APIs to identify and resolve security vulnerabilities.
- Collaborate with engineering teams to implement secure development practices, reviewing code for security flaws and recommending improvements.
- Conduct threat modeling and risk assessments to identify potential security threats and implement appropriate mitigation strategies.
- Assist in the development and execution of security tools, procedures, and frameworks to automate security testing processes.
- Keep up-to-date with the latest security vulnerabilities, exploits, and security best practices.
- Provide technical leadership and mentorship to junior security engineers and developers on security issues.
- Advise on the secure architecture and design of systems, identifying potential security gaps early in the design phase.
- Create and maintain documentation related to security testing, security incidents, and remediation activities.
- Support the incident response team in handling security incidents and provide post-incident analysis.
Required
Skills & Experience:
- 2-5 years of experience in application security or related field.
- Strong knowledge of web and mobile application security vulnerabilities (OWASP Top 10, OWASP Mobile, etc.).
- Experience with penetration testing tools (Burp Suite, OWASP ZAP, etc.) and techniques.
- Familiarity with static and dynamic code analysis tools (Checkmarx, Sonar Qube, etc.).
- Strong understanding of secure coding practices (e.g., input validation, encryption, and authentication).
- Experience in threat modeling and risk assessment techniques.
- Understanding of web application technologies (HTML, JavaScript, CSS, etc.) and backend technologies (Java, .NET, Node.js, Python, etc.).
- Experience with cloud security (AWS, Azure, GCP) and containerization technologies (Docker, Kubernetes).
- Knowledge of industry standards and frameworks (ISO 27001, NIST, SOC2, etc.).
- Good understanding of authentication protocols (OAuth, SAML, OpenID, etc.) and encryption algorithms (AES, RSA, TLS, etc.).
- Experience in conducting security code reviews and integrating security into the SDLC.
- Familiarity with CI/CD pipelines and Dev Sec Ops practices.
- Excellent problem-solving skills, analytical thinking, and attention to detail.
- Strong communication skills, with the ability to explain technical security concepts to non-technical stakeholders.
Preferred
Skills:
- Certifications such as OWASP, CISSP, CISM, CEH, or equivalent.
- Experience with automated security testing in CI/CD environments.
- Experience with SAST/DAST tools and their integration into CI/CD pipelines.
- Familiarity with Dev Ops practices and tools.
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
Search for further Jobs Here:
×