Techblocks - Senior Application Security Engineer - Vulnerability Assessment

About Us

Position :

Experience :

Location :

Responsibilities

• Application Security
• Conduct regular security assessments to identify vulnerabilities in applications and work with development teams to design secure software systems, resolve vulnerabilities and issues, and implement robust security measures.
• Additional responsibilities include security audits and penetration testing as required.
  

Technical Skills

• Proficient in multiple programming languages. Advanced understanding of the intricacies and potential security flaws inherent in different languages.
• Working experience in languages like Java, JavaScript, C++, Python, and Ruby.
• Experience in API development/testing and API security
• Established experience with Agile (including Scrum and Kanban) and software development lifecycle (SDLC) practices.
• Experience with GCP, Containers and Serverless technologies
  

Tools And Integration

• Hands on experience with SAST, DAST, Jira, and Confluence tools, experience integrating security incidence workflows.
• Knowledge of security technologies like firewalls, intrusion detection systems, and encryption and practical application.
  

Security Reviews And Threat Modelling

• Conduct regular security assessments to identify vulnerabilities in applications and work with development teams to remediate them.
• Work with the development teams on threat modelling to identify potential threats and vulnerabilities in an application.
• Requires understanding of software architecture, identifying potential attack vectors, and devising strategies to mitigate these threats.
• Work closely with software developers, systems administrators, and other IT professionals to ensure security is integrated into the application development process from the start.
  

Familiarity With Security Frameworks And Standards

• Develop and maintain documentation of application security policies and procedures, ensuring compliance with industry standards.
• Knowledge and practical application of OWASP, CISSP or other well-known security frameworks.
  

Security Incidence Response

• In the event of a security alert, the candidate will react quickly to analyse the issue, contain the issue if needed and protect sensitive data.
• Responsible for proactively working with third party vendors on updating security rules and alerting processes
  

Soft Skills

• Communication skills
• Strong verbal and written communication skills.
• Strong ability to articulate complex security concepts to developers and other stakeholders in an understandable way.
• Ability to write clear and concise security reports and present findings to both technical and non-technical audiences.
  

Problem-solving Skills

• Ability to analyse a problem, determine its root cause, and devise a plan to resolve it.
• Ability to navigate a rapidly changing landscape, while handling multiple responsibilities
• Curious about new technology and always looking to acquire new knowledge
  

Education

• Bachelors Degree in Cybersecurity, Computer Science or Information assurance
• A Masters degree is a plus.
• Certified Secure Software Lifecycle Professional (CSSLP), Certified Application Security Engineer (CASE), or Secure Software Practitioner (SSP) certifications are an advantage