Application Development Security Associate

About TaskUs: TaskUs is a provider of outsourced digital services and next-generation customer experience to fast-growing technology companies helping its clients represent protect and grow their brands. Leveraging a cloud-based infrastructure TaskUs serves clients in the fastest-growing sectors including social media e-commerce gaming streaming media food delivery ride-sharing HiTech FinTech and HealthTech.

The People First culture at TaskUs has enabled the company to expand its workforce to approximately 45000 employees globally. Presently we have a presence in twenty-three locations across twelve countries which include the Philippines India and the United States.

It started with one ridiculously good idea to create a different breed of Business Processing Outsourcing (BPO)! We at TaskUs understand that achieving growth for our partners requires a culture of constant motion exploring new technologies being ready to handle any challenge at a moments notice and mastering consistency in an ever-changing world.

What We Offer: At TaskUs we prioritize our employees well-being by offering competitive industry salaries and comprehensive benefits packages. Our commitment to a People First culture is reflected in the various departments we have established including Total Rewards Wellness HR and Diversity. We take pride in our inclusive environment and positive impact on the community. Moreover we actively encourage internal mobility and professional growth at all stages of an employees career within TaskUs. Join our team today and experience firsthand our dedication to supporting People First.

Overview:
We are looking for an enthusiastic and detail-oriented Associate - Application development Security to join our growing Security this role you will help ensure that security is embedded throughout the Software Development Lifecycle (SDLC) and support the implementation of our DevSecOps program. This position is ideal for individuals at the beginning of their career who are eager to gain hands-on experience in secure application development lifecycle automated security testing and modern DevSecOps practices and cloud security.
So what does an Application Development Security Associate really do Think of yourself as someone who will do the application design reviews security testing critical code reviews and Business document review help in the remediation and mitigation of audit findings in adherence to standards and safe practices conduct research on emerging practices services protocols and standards in support of system security and compliance enhancement and development efforts. Work closely with the development team to build secure software.

Responsibilities:

Secure Software Development Lifecycle (SSDLC):
Collaborate with developers and architects to incorporate security requirements during design and
development phases.
Assist in building and maintaining secure coding guidelines and policies aligned with industry standards
(e.g. OWASP NIST).
Support threat modeling risk assessments and security design reviews for new applications and features.
Participate in security-focused reviews during code commits builds and releases.

Security Testing & Vulnerability Analysis:
Execute automated and manual security testing (SCA SAST DAST) across applications during development
and UAT phases.
Should be able to perform Software Composition Analysis Perform secure code review and tests on critical products and features
Use security tools (e.g. Snyk Burp Suite Invicti) to identify validate and triage security vulnerabilities.
Identify security flaws and suggest remediations based on Open Web Application Security Project
(OWASP) and other secure Software Development Life Cycle (SDLC) standards and frameworks.
Support remediation efforts by working with developers to explain findings and recommend secure
alternatives.
Maintain records of vulnerabilities false positives and mitigation strategies.

DevSecOps Integration
Work with CI/CD pipelines to automate security checks and enforcement (e.g. GitHub Actions Jenkins).
Integrate and maintain tools such as SAST SCA DAST container scanning and secret detection in the
pipeline.
Assist in monitoring and triaging vulnerabilities discovered during builds and deployments.

Security Awareness & Compliance
Participate in security training and evangelize secure coding practices across development teams.
Support the maintenance of security documentation standards and guidelines.
Help ensure adherence to compliance requirements (e.g. OWASP Top 10 NIST ISO 27001).

How We Partner To Protect You: TaskUs will neither solicit money from you during your application process nor require any form of payment in order to proceed with your application. Kindly ensure that you are always in communication with only authorized recruiters of TaskUs.

DEI: In TaskUs we believe that innovation and higher performance are brought by people from all walks of life. We welcome applicants of different backgrounds demographics and circumstances. Inclusive and equitable practices are our responsibility as a business. TaskUs is committed to providing equal access to opportunities. If you need reasonable accommodations in any part of the hiring process please let us know.

We invite you to explore all TaskUs career opportunities and apply through the provided URL Experience:

IC