Application Security Engineer (L1)

Job Description: Application Security Engineer (L1)

Role Overview

We are looking for an Application Security Engineer (L1) to join our security team. This is an entry-level position requiring at least 1 year of hands-on experience in application security testing. You will work on identifying and reporting vulnerabilities across web, mobile, API, and thick client applications while collaborating with senior engineers to improve application security.

Key Responsibilities

• Perform vulnerability assessments and penetration tests for web, mobile, API, and thick client applications.

• Identify and document application flaws, misconfigurations, and business logic issues.

• Assist in providing remediation guidance to developers and stakeholders.

• Prepare security testing reports and maintain accurate documentation.

• Stay updated with evolving security threats, tools, and methodologies.

Required Skills

• Good understanding of OWASP Top 10 and common application vulnerabilities.

• Knowledge of security testing tools such as Burp Suite, OWASP ZAP, Postman, or MobSF.

• Familiarity with secure coding principles and application architectures.

• Basic programming/scripting knowledge (Python, Java, JavaScript, or C#).

• Strong problem-solving and analytical mindset.

Preferred Qualifications

• Bachelor’s degree in Computer Science, Information Security, or related field.

• Hands-on experience with Capture the Flag (CTF) challenges, bug bounty programs, or security labs.