Senior Application Security Engineer

Senior Application Security Engineer
Seeks a skilled professional to assist with Application Security Engineering. We are interested in candidates with a strong development background and sizable exposure to Cybersecurity functions and environments. Additionally, we value experience and adaptability to rapidly changing tools and technologies.

Required:
• 10+ years of overall hands-on technical experience in software development Java or Python or similar stacks.
• 5+ years of secure coding practices, security controls and DevSecOps experience
• 4+ year of vulnerability management risk scoring such as CVSS, CVE and related schema and scoring concepts.
• 3+ years of experience orchestrating risk and control-related resolutions across a diverse set of departments
• Experienced in co-ordination with technical and non-technical stakeholders.

Preferred:
• Hands-on Reporting and dashboards exp using any of the reporting tools such as PowerBI, MicroStrategy.
• Scripting and automation experience (Ansible, Terraform)
• Experience with AWS cloud or other public cloud offerings
• Knowledge of OWASP
• Certifications in the area of CyberSecurity (CISSP, CISM, CEH, OSCP etc.,)

Responsibilities & Qualifications:
• Collaborate with central vulnerability tooling teams to contribute to program maturation in support of vulnerability management activities.
• Provide information security consultation for aspects of security reviews, risk remediation, and secure coding practices.
• Collaborate and consult with peers, colleagues, and teams resolve issues and achieve goals.
• Coordinate with vendors on third party to leverage product capabilities and customize them to meet the requirements.
• Work closely with leadership, infrastructure, product development, and DevOps team members to assess risk, develop options, and implement solutions.
• Interact with Technical teams on threat attack vectors, risks, and related analysis details.
• Knowledge of common networking ports and protocols, application security, and common security elements
• Using REST API to fetch data from security vendor tools using python or other such scripting.
• Experience and good understanding of configuration and troubleshooting the WAFs, Load balancers and API gateways.
• Able to understand security and actively contribute to them for the newer projects both on cloud and on-prem.
• Experience in technical writing/editing, to create or review/edit technical security documentation.