Application Security Engineer

As an Application Security Engineer at Domo, you will play a crucial role in Domos Secure Development Lifecycle. You will work closely with engineering teams to deliver trusted solutions on the world's best data solutions platform. Your responsibilities will include: - Performing security-focused code reviews - Supporting and consulting with product and development teams in application security, including threat modeling and AppSec reviews - Assisting teams in identifying, reproducing, triaging, and addressing application security vulnerabilities - Supporting bug bounty programs and third-party penetration testing - Assisting in developing security processes and automated tooling to prevent security issues - Leading application security reviews and threat modeling, including code review and dynamic testing - Conducting security testing to validate the use of secure coding best practices - Guiding and advising product development teams on application security for various applications and solutions - Assisting with recruiting activities and administrative work - Developing security training and sharing SDLC material with internal development teams - Participating in initiatives to address multiple vulnerabilities holistically - Serving as a mentor to other AppSec team members - Leading positive changes across the Security organization - Providing expert guidance for team members facing challenges in security reviews - Regular use, reporting, and remediation of SAST, DAST tool findings - Monitoring and influencing configuration and dependency management - Analyzing, implementing, and steering cloud configurations and deployment practices - Advocating for secure and compliant implementations Qualifications required for this role include: - 2 to 6 years of experience in application security or a related field - Proficiency in using GitHub and other repository tools - Experience in identifying security issues through code review - Strong communication skills to articulate complex topics clearly - Familiarity with frameworks such as React, Angular, Vue, Spring, etc. - Understanding of common security flaws and mitigation strategies - Development or scripting experience in Java, Spring, Kotlin, .Net, JavaScript, HTML, CSS, C++, and/or Go - Knowledge of network and web-related protocols - Experience with security libraries, controls, and flaws - Expertise in technical areas impacting product security - Web and mobile penetration testing experience - Experience securing micro-services cloud infrastructure Desired qualifications include: - Experience with Data platforms and/or Domo - Security certifications like CISSP, CEH, or others - Bachelor's or Master's degree in Computer Science, Information Security, or related field - Knowledge of cloud security principles and technologies - Familiarity with container security and orchestration tools like Docker, Kubernetes Location: Pune, India Please note that Domo is an equal opportunity employer.,