AppSec Engineer

MW Partners is currently seeking a AppSec Engineer to work for our client who is a leader in the insurance industry.

Responsibilities:

• Review detected vulnerabilities filtering falsepositive results and assisting developers as questions arise from findings Advocate for OWASP Application Security Verification Standard (ASVS) as an internal standard Supporting standardscompliance in secure system development support assessment remediation and configuration/change management Conduct security assessments on application code and applications for security flaws identify potential areas of improvement and provide actionable recommendations to developers.
• Collaborate with crossfunctional teams to ensure that security best practices are incorporated into the design and architecture of our applications.
• Keep abreast of the latest security trends vulnerabilities and attack vectors and proactively identify potential risks to our applications.
• Proven experience with cloud security posture management and runtime protection Conduct continuous cloud security testing Hands on experience with cloud native application protection in AWS Azure and/or GCP Experience performing threat modeling with application teams

Requirements:

• Bachelors Degree in Computer science
• Proficiency with application security testing technologies such as SAST DAST SCA IaC IAST RASP Container Image Scanning etc.
• Knowledge of common security vulnerabilities and best practices for remediation. Experience with security assessment tools such as static analysis tools dynamic scanners and opensource library scanners.
• Awareness of application security across multiple verticals such as cloud/service provider security provider mobile appliance Experience with source code management and AppSec testing tools Understanding of CI/CD Automation Familiarity with secure coding standards and practices such as OWASP Top 10 OWASP Top 10 API.
• Familiar with building repeatable and automated security test suites Experience in application security secure coding vulnerability assessment and remediation.
• Understanding of web application architecture including frameworks APIs and protocols.
• Proficiency in programming languages commonly used in application development such as Java C# Python or JavaScript.
• Knowledge of key security configurations for services such as EC2 S3 RDS and EKS Strong customer service skills
• Customer Service Oriented Amazon Web Services Vulnerability Assessment Scanning Coding Standards
• Api Cloud Security Python Change Management System Development Application Architecture Retail Sales Aws Certified Information Security Amazon Elastic Compute Cloud Continuous Integration/Delivery Coding Gcp

For a confidential discussion or to find out more contact Nitin Kuntiya onor apply now.