Application Security Engineer

What you will be doing:

• Perform design and architecture review of new features, suggest security requirements
• Collaborate with DevOps and engineering teams, advising on security features and best practices in SDLC
• Utilize static security scanning tools, review findings and coordinate remediation actions
• Perform ongoing manual security assessments
• Review the results of external penetration tests and communicate suggested fixes to development teams
• Provide on-demand support on application security topics
• Drive process improvement ideas
• Assist with vetting and intake of defects from 3rd party security researchers via our Bug Bounty program

What you will bring to the role:

• 3 - 5 years of experience in the application security field
• Bachelors or Master Degree in related field of expertise
• Knowledge of secure coding best practices and industry standards (such as OWASP) and the ability to apply them to different programming languages
• Familiarity with SDLC and DevSecOps concepts and hands-on experience in implementing them
• Knowledge and/or hands on experience with identifying A.I. threats in a security landscape
• Experience in using static and dynamic security scanning tools (such as BurpSuite, ZAP, and Snyk, or other related technologies)
• Experience with programming languages such as Python is preferred
• Ability to explain application security threats and mitigation options to both developers and project managers
• Good communication skills in written and verbal English
• Experience and/or knowledge in securing applications within cloud platforms (AWS, Azure) and containerized environments (Docker, Kubernetes)
• Participation in CTF challenges and bug-bounty programs

Diversity, Inclusion, and Equal Opportunity