Senior Application Security Engineer

about 8 hours ago

Remote, WorldwideSenior

H1B Sponsor

Responsibilities

Lead application security efforts through security assessments, code reviews, and penetration testing.
Identify, classify, prioritize, and track remediation of vulnerabilities.
Maintain application security tools for dynamic testing and automated security scanning.
Collaborate with software development teams to enforce secure coding standards.
Integrate security testing and automation into CI/CD pipelines.
Define and maintain security requirements aligned with industry standards.
Conduct threat modeling, risk assessments, and security design reviews.
Promote security awareness and provide training to development teams.
Respond to security incidents and support remediation efforts.
Recommend and implement new security tools and technologies.
Work in Agile and DevSecOps environments to embed security throughout the software development lifecycle.

Bachelor’s degree in Computer Science, Cybersecurity, or related field.
6-8+ years of experience in application security and vulnerability assessment.
Strong development background with hands-on experience in Kotlin, Java, and TypeScript.
Deep understanding of OWASP Top 10 and common web and API vulnerabilities.
Proficient with security testing tools such as Burp Suite and Fortify.
Experience with secure SDLC and integrating security into CI/CD pipelines.
Familiarity with authentication and authorization protocols like OAuth2 and SAML.
Ability to work effectively with development teams on vulnerability remediation.
Relevant certifications such as CISSP, CSSLP, or OSCP.
Fluency in English.

AWSAzureDockerGoogle Cloud PlatformJavaKotlinKubernetesTypeScript