Job Title: Application Security Engineer (Initial Validation & Assessment) Engagement Type: Short-Term Contract/Collaboration (Assessment Phase) with immediate opportunity for a full-time, long-term role upon successful project phase completion. About the Opportunity (Confidential Project): We are a specialized technology development team creating a sophisticated Data Analytics and Predictive Modeling solution for a high-security industry client. The success of this project hinges on the security, integrity, and confidentiality of the entire data-to-model pipeline. We are looking for an Application Security Engineer to collaborate on a critical initial validation phase to secure the demonstrator product before a major client presentation. This is a high-impact, short-term contract designed to serve as a mutual assessment—if the security validation phase is successful, this position will immediately transition into a core, long-term engineering role. Key Responsibilities for this Collaboration (The Initial Assessment Phase): This phase focuses on embedding security assurance directly into the existing codebase and architecture. 1. Application and Codebase Security Review: Secure Code Review: Perform a targeted, hands-on review of the source code (primarily data processing scripts, APIs, and the application layer) to identify common and uncommon application-level vulnerabilities. Security Architecture Consultation: Review the proposed design for the data ingestion and modeling environment to ensure security principles are integrated for scalability and compliance. Vulnerability Remediation Advisory: Collaborate directly with Data and ML engineers to provide clear, pragmatic, and secure coding fixes for any vulnerabilities discovered. 2. Offensive Validation and Testing (Penetration Focus): Conduct Penetration Testing on the working prototype, focusing on authentication mechanisms, API security, and the integrity of data flow within the application environment. Validate controls related to data handling to ensure confidentiality and integrity are maintained from input through output. 3. Documentation and Presentation Support: Document all security findings, demonstrated exploits, and final recommended countermeasures in a clear, professional format. Contribute security insights and assurance documentation necessary for the upcoming client presentation. Candidate Profile: We require a candidate who operates as an engineer first, with a strong offensive security skillset. Experience: Min. 0-1 years of professional experience with a focus on Application Security Engineering (AppSec) or closely related roles. Technical Stack: Strong ability to read and review code in a relevant programming language (e.g., Python, Django, or similar) used for data applications. Security Expertise: Deep knowledge of web application security principles, API security, and defensive coding practices. Communication: Exceptional verbal and written communication skills, with the ability to explain complex technical vulnerabilities and their impact to diverse teams and potentially high-level clients. Certification (Highly Preferred) Email - forstvalstudio@gmail.com
Wait!
Before You Leave... Find Your Perfect Job!
Are you sure you don't want to discover the perfect job opportunity? At JobPe, we help you find the best career matches, tailored to your skills and preferences. Don’t miss out on your dream job!