Application Security Engineer

CredPal is a leading financial technology company that offers a comprehensive range of financial solutions including credit cards and investment opportunities to empower individuals. Our mission is to revolutionize access to credit and investment enabling individuals to take charge of their financial wellbeing.

Job Title: Application Security Engineer

Department: Product & Engineering

Job Type: Full Time/Hybrid

Level: MidLevel

Purpose Statement

We are looking for a skilled Application Security Engineer to join our team and contribute to the safeguarding of our digital assets. As an Application Security Engineer your purpose is to fortify our systems against cyber threats ensuring the integrity and confidentiality of our applications. Join us in the mission to build and maintain a secure digital environment protecting our organization and user data from potential vulnerabilities and attacks.

Responsibilities

• Vulnerability Assessment: Conduct thorough assessments of application code and infrastructure to identify potential vulnerabilities.
  

• Security Architecture: Collaborate with development teams to integrate security measures into the application architecture ensuring robust protection.
  

• Code Review: Perform regular and systematic reviews of application code for security flaws and adherence to secure coding practices.
  

• Penetration Testing: Conduct penetration testing to simulate realworld attacks and identify weaknesses in application security defenses.
  

• Security Tool Management: Oversee and manage security tools and technologies used for application security testing and monitoring.
  

• Incident Response: Develop and implement incident response plans to address security incidents promptly and effectively.
  

• Security Awareness Training: Provide training to development teams on secure coding practices and emerging security threats.
  

• Compliance Management: Ensure applications adhere to industry standards and regulatory requirements related to security.
  

• Security Documentation: Create and maintain documentation related to security policies procedures and best practices for applications.
  

• Continuous Monitoring: Implement continuous monitoring solutions to detect and respond to security events in realtime ensuring proactive threat mitigation.
  

Requirements

• Bachelor s in Computer Science Information Security or a related field.
  

• Minimum of 35 years of professional experience in application security engineering in financial institutions/FinTech.
  

• Industryrecognized certifications such as CISSP CEH or CSSLP are highly desirable.
  

• Proficiency in at least one programming language for indepth code analysis.
  

• Familiarity with application security tools such as SAST DAST and RASP.
  

• Experience in threat modeling to assess and mitigate potential risks in application architecture.
  

• Strong understanding of Secure Software Development Life Cycle (SDLC) practices.
  

• Indepth knowledge of web application technologies frameworks and protocols.
  

• Familiarity with security standards and frameworks such as OWASP NIST or ISO 27001.
  

• Excellent verbal and written communication skills for effective collaboration and documentation.
  

• Willing to resume immediately.
  

Benefits

• Professional development opportunities.
  

• A collaborative and inclusive work culture that fosters growth and innovation.
  

• Opportunity to work with cuttingedge products and technologies.
  

• Supportive and approachable management team dedicated to your success.