Application Security Engineer

The top 3-5 skills are: Comptia Security or equivalent deep understanding of security vulnerabilities in multiple programming languages (e.g. Python Java JavaScript C#) experience developing automation solutions using Python Java or PowerShell.

Description:

What youll Do:

Key Responsibilities
Ability to identify triage and remediate issues such as injection flaws insecure deserialization and misconfigurations.
Integrate and manage SAST and DAST tools within CI/CD pipelines.
Collaborate with development teams to remediate vulnerabilities and enforce secure coding standards.
Design and implement guardrails for AI-powered applications mitigating risks like prompt injection model inversion and data poisoning.
Develop and maintain security policies procedures and documentation.
Conduct security assessments and provide actionable recommendations.
Analyze complex problems and implement effective solutions or workarounds.
Mentor junior engineers and promote security awareness across teams.
Build and maintain CI/CD pipelines using tools like CloudBees Jenkins Buddy UrbanCode etc.
Develop automation solutions using Python Java or PowerShell.
Work with APIs endpoints and databases to develop integrated security solutions.
Use IDEs such as Visual Studio Visual Studio Code Eclipse for secure development and debugging.
Implement and manage GitHub Advanced Security features including code scanning secret scanning and Dependabot alerts.
Apply extensive experience working with DevOps tools such as GitHub including workflows actions and advanced workflow automation.

Understand and remediate security vulnerabilities across multiple programming languages.
Work with Azure Resource Manager (ARM) and scripting tools including PowerShell Azure CLI JavaScript Shell scripts Python or similar.
Collaborate within an Agile team environment using Azure DevOps.
Familiarity with OWASP Dependency-Check and similar tools to manage third-party risks

Required Qualifications
Minimum 8 years of experience in application security or software engineering with a security focus.
Strong programming skills in one or more languages (e.g. Python Java JavaScript C#).
At least 3 years of experience developing automation solutions using Python Java or PowerShell.

Preferred Qualifications
Hands-on experience with SAST and DAST tools (e.g. Veracode GitHub)
Deep understanding of security vulnerabilities in multiple programming languages (e.g. Python Java JavaScript C#).
Solid understanding of OWASP Top 10 and familiarity with SANS Top 25 vulnerabilities.
Experience with AI security concepts and mitigation strategies.
CompTIA Security certification or equivalent.
Experience with cloud-native security (AWS Azure GCP).
Experience developing solutions that combine data from APIs endpoints and databases.
Outstanding communication and strong analytical skills.
Ability to function effectively in a globally diverse work environment.
Clearly communicates risks solutions and security posture to technical and non-technical stakeholders.
Experience with GenAI risk mitigation (e.g. prompt injection data leakage).
Knowledge of container security and infrastructure-as-code scanning.
Certifications such as CISSP OSCP or GIAC are a plus.