Team Lead - Applications Security Engineering

As a Security-focused Code Reviewer, your primary responsibility will be conducting thorough security assessments by reviewing source code utilizing the Checkmarx Platform. Your tasks will involve performing static application security testing (SAST) and software composition analysis (SCA) across various programming languages and frameworks. It will be essential for you to identify, document, and communicate vulnerabilities discovered during the code review process, ensuring comprehensive reports and analysis are provided. In terms of Customer Support for Vulnerability Mitigation, you will directly collaborate with customers" Application Security (AppSec) and Development teams to offer actionable advice on remediating vulnerabilities. Your role will also include providing hands-on guidance on secure coding practices, assisting in understanding the root cause of vulnerabilities, and applying best practices for remediation. Additionally, you will support customers in prioritizing security fixes based on severity and potential impact. You will be expected to develop and present proof-of-concept (PoC) attacks to illustrate how identified vulnerabilities can be exploited in real-world scenarios. Providing technical demonstrations to help customers understand the risk level of specific vulnerabilities and the importance of remediation will be crucial aspects of your responsibilities. Collaboration with AppSec and Dev teams for Application Architecture Analysis will also be part of your role. You will collaborate to analyze the security aspects of application architecture, provide recommendations to secure the architecture at the design stage, and conduct threat modeling to identify potential attack vectors, embedding security into the development lifecycle. Furthermore, you will play a key role in mentoring junior engineers and security analysts, conducting internal training sessions, and staying updated on the latest security vulnerabilities, exploit techniques, and industry trends to contribute to continuous improvement. Act as a trusted advisor to clients, provide security consulting services, and collaborate with internal teams to ensure that security tools and platforms remain at the cutting edge of technology. Your skills should include a Bachelor's degree in computer science or a related technical discipline, 8+ years of experience in high-level programming languages, 5+ years of experience in security-focused code review, a deep understanding of enterprise-grade systems and architectures, and a proactive approach to problem-solving. Proficiency in English and security-related certifications are highly desirable. Please note that the role involves a hybrid work model with international travel occasionally required.,