Application Security Engineer

Quest Global is an organization at the forefront of innovation and one of the world’s fastest growing engineering services firms with deep domain knowledge and recognized expertise in the top OEMs across seven industries. We are a twenty-five-year-old company on a journey to becoming a centenary one, driven by aspiration, hunger and humility. We are looking for humble geniuses, who believe that engineering has the potential to make the impossible, possible; innovators, who are not only inspired by technology and innovation, but also perpetually driven to design, develop, and test as a trusted partner for Fortune 500 customers. As a team of remarkably diverse engineers, we recognize that what we are really engineering is a brighter future for us all. If you want to contribute to meaningful work and be part of an organization that truly believes when you win, we all win, and when you fail, we all learn, then we’re eager to hear from you. The achievers and courageous challenge-crushers we seek, have the following characteristics and skills:  We are looking for a hands-on, dynamic, and enthusiastic application security engineer to help drive our application security efforts. This is an exciting opportunity to join our application security efforts related to the development of various projects in IoT, Intralogistics, Control, Cloud, and Edge systems that aim to transform the industry. We are looking for a hands-on , dynamic, and enthusiastic application security engineer to help drive our application security efforts. This is an exciting opportunity to join our application security efforts related to the development of various projects in IoT, Intralogistics, Control, Cloud, and Edge systems that aim to transform the industry. This role is hands-on application security that applies expertise in application security and knowledge of security best practices to the development of existing and future products. The application security engineer not only demonstrates the skills and knowledge of a seasoned hands-on security professional but also participates in efforts to enhance application security and development practices of product teams. Additional Job Description This is What You Will do in This Role / Key Responsibilities • Perform penetration tests on applications in the cloud and/or on-prem, networks and systems to identify security vulnerabilities and weaknesses. • Lead the process of addressing security findings and prioritizing vulnerabilities, collaborating with development teams, as they arise and during testing and the implementation of new systems or changes to existing systems. Utilize various penetration testing tools and techniques to simulate real-world cyber-attacks.• Conduct security assessments and risk analysis to prioritize vulnerabilities and recommend remediation strategies. Collaborate with cross-functional teams to develop and implement security best practices and protocols.• Generate detailed reports documenting findings, recommendations, and remediation steps.• Stay updated with the latest security threats, vulnerabilities, and industry trends.• Apply the Secure Software Development Lifecycle (SSLDC) methodologies across the organization.• Experience with cloud platforms (, AWS, Azure, GCP) and container technologies (, Docker, Kubernetes).• Hands-on experience with DAST/SAST testing frameworksWhat We are Looking For / Qualifications• 5+ years of penetration testing and ethical hacking experience• Experience with security tools such as Qualys, Nessus, Veracode, Burp Suite, Nexpose, Snort, Nmap, Wireshark or Metasploit• Participation in Capture the Flag (CTF) competitions or bug bounty programs.• Strong knowledge of security architecture, system, and network security• Strong experience and in-depth knowledge of security standards and best practices (OWASP, SANS 25, etc.) as they relate to cloud and web applications• Experience in analyzing security of Java applications or cloud-based applications.• Ability to read and write one or more common programming languages such as Java, JavaScript, C/C++, Python, with 2+ years of hands-on programming or scriptwriting experience, including 2+ years of working with cloud applications• Strong Knowledge of Linux and Windows OSPreferred• CISSP, CEH, OSCP, CompTIA Pen Test+, or GPEN.• BS in Comp Science