Job Description: Senior Application Security Engineer
We are seeking an experienced professional with a strong background in application security, programming, and development to join our team. The Senior Application Security Engineer will work closely with development teams to guide secure coding practices, perform threat modeling, and ensure the integrity of application security throughout the development lifecycle.
Responsibilities:
- Collaborate with development teams to integrate secure coding practices
- Conduct application security assessments, including vulnerability testing, penetration testing, and security profile verification.
- Guide teams in implementing security controls, with a focus on automated security enforcement in the development process.
- Conduct threat modeling against complex systems to identify potential risks and recommend mitigation strategies.
- Oversee automated scanning processes, analyze and address false positives, and improve testing capabilities to ensure accurate vulnerability detection.
- Provide coaching and support to development teams, enabling them to integrate security within the software development lifecycle.
- Liaise with internal IT teams and business technologists to discuss new systems and provide secure implementation guidance.
- Review security toolsets and maintain best practices for application security, with an emphasis on cloud environments such as Azure and AWS.
Requirements:
- Overall 7 years experience plus
- Strong background in software development, with a transition into mid-level or senior-level security roles.
- Hands-on experience in application security and vulnerability management.
- Expertise in application testing, threat modeling, and the implementation of automated security controls.
- Familiarity with cloud platforms (Azure and AWS) and cloud security best practices.
- Relevant certifications to Cloud Security Architect & Security Engineering
- Bachelor's degree in Computer Science, Information Security, or a related field.