Application Security Engineer

3-5 Years of experience

12-15 LPA

Immediate to 60 days

Application Security Engineer

Job Description:

Responsibilities:

Vulnerability Assessment:

• Prepare Plan for VAPT of IT assets as per the priority and criticality to Business
• Conduct regular security assessments and code reviews to identify vulnerabilities in web and mobile applications.
• Utilize automated tools and manual testing techniques to assess application security.
• Addressing all identified observations from VAPT results as per SLA defined for category of CVEs

Security Architecture:

• Collaborate with development teams to integrate security into the Software Development Life Cycle (SDLC).
• Design and implement security controls to protect applications from threats and attacks.

Incident Response:

• Participate in incident response activities related to application security incidents.
• Investigate and analyze security incidents, providing detailed reports and recommendations.

Security Training:

• Develop and deliver security training sessions for development teams to enhance awareness and understanding of secure coding practices.

Security Standards:

• Ensure compliance with industry standards and regulations related to application security.
• Stay informed about the latest security trends, vulnerabilities, and mitigation techniques.

Security Testing:

• Conduct penetration testing and ethical hacking exercises on applications to identify and address security weaknesses.
• Implement and manage security testing tools and frameworks.

Documentation:

• Create and maintain comprehensive documentation related to application security processes, guidelines, and incident responses.

Collaboration:

• Work closely with cross-functional teams, including developers, system administrators, and quality assurance, to implement effective security measures.
• Collaborate with external security experts and vendors as needed.

Requirements:

Education:

Bachelor's degree in Computer Science, Information Technology, or a related field.

Certifications:

Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or Offensive Security Certified Professional (OSCP) are advantageous.

Experience:

Proven experience in application security, including vulnerability assessment, code review, and incident response.

Familiarity with secure coding practices and common security vulnerabilities.

Skills:

Proficient in using application security testing tools.

Strong understanding of web application security, mobile application security, and API security.

Communication:

Excellent communication skills to effectively convey security concepts to technical and non-technical stakeholders.

Analytical Skills:

Strong analytical and problem-solving skills to assess and mitigate security risks effectively.

Team Collaboration:

Ability to work collaboratively in a team environment and contribute to a culture of continuous improvement in application security.