Senior Application Security Engineer
1 month ago
Principal Accountabilities :
- Lead by example and independently perform all functions and services of the GIS AppSec team.
- Conduct advanced web application, micro-services, API, cloud penetration tests of proprietary and 3rd party on-prem/cloud systems and applications.
- Perform targeted manual security reviews at key points in the software development life cycle.
- Perform peer reviews of assessment reports and provide constructive guidance to team members.
- Train others on tools and processes used in AppSec methodology.
-Provide technical guidance to team members and other stakeholders (e.g. development teams, project teams, business stakeholders).
- Provide input for strategic visioning / planning.
- Identify the need and develop new security standards and reference architectures.
- Identify metrics that can help measure performance, gaps in coverage, need for head count, trends in findings.
- Identify and document process improvements and influence team and management support and prioritize changes.
- Establish yourself as a recognized technical expert within the team.
- Have an interest in continuing your education and training and staying current within the application security domain.
Requirements :
- 12+ years' experience performing security assessments of a wide variety of systems, applications and technologies which include both proprietary and industry standard protocols.
- Expert knowledge and experience performing manual security reviews of application source code for security vulnerabilities written in various languages including : .Net (C#, VB#), C++, .
- Expert level skills with application security testing tools including : Burp Suite Pro, Kali, Checkmarx, sqlmap, nmap, Wireshark, etc.
- Expert knowledge of the Open Web Application Security Project (OWASP) Top 10 vulnerabilities most critical web vulnerabilities and how to identify and remediate them.
- Advanced knowledge of application reverse engineering and using tools such as : Java decompilers, .Net decompilers, IDAPro, etc.
- Advanced knowledge of UNIX/Linux/Windows.
- Advanced knowledge with scripting languages such as: Python, bash, Powershell, etc.
- Experience with drafting of Security Standards, Reference Architectures and Secure Technical Implementation Guidelines.
- Have a passion for application security testing and be able to share your passion and learnings with teammates and customers.
- Self-motivated and a self-starter (If you have a question, find the answer, ask somebody, figure it out, and communicate).
- Excellent Oral and Written communications skills.
- Deep knowledge of security frameworks like OWASP and experience with API security.
- Strong experience in source code review and security testing methodologies (SAST, IAST, DAST, RASP).
Nice to have :
- Certifications such as GWAPT, eWPTx, OSCP, OSWE, CISSP, or other relevant certifications are highly preferred.
-
Senior Security Engineer
1 week ago
india TAC Security Full timeJob Title: Senior Security Engineer - VAPT Location: Pune, India Company Description TAC Security is a global leader in vulnerability management that specializes in protecting Fortune 500 companies, leading enterprises, and governments worldwide. With its AI-based Vulnerability Management Platform ESOF (Enterprise Security in One Framework), TAC Security...
-
Head of Application Security
7 hours ago
india Security Lit Full timeJob Description: Join the forefront of cybersecurity innovation at Security Lit! We're on the hunt for a dynamic Application Security (AppSec) Manager Lead to steer our Information Security Team. This pivotal role focuses on Vulnerability Assessment and Penetration Testing within the BFSI sector. You’ll be leading a spirited team spread across the UK,...
-
Senior Application Security Engineer
1 month ago
india Apollo Full timeYour Role & Mission The Senior Application Security Engineer will work with product and engineering to create a secure SDLC, design security features and implement tools, education and processes to reduce risk of security issues in the tech stack. Responsibilities Select or build tooling to help developers build secure code Provide...
-
Application Security Engineer
7 hours ago
india NielsenIQ Full timeNielsenIQ is maturing its Application Security programs and is recruiting an Application Security Engineer who will be responsible for supporting the rollout of DevSecOps capabilities and practises across all geographies and business units. As the Application Security Engineer, you will be responsible for integration, maintenance and analyses of the tools...
-
Senior Red Team Lead
2 weeks ago
india Security Lit Full timeJob Description: We are looking for a skilled and experienced professional to join our Information Security Governance team as a Senior Infrastructure, Application & Cloud Offensive Security Assessment expert. This role involves leading and executing comprehensive security assessments, including web application security testing, vulnerability assessment, and...
-
Senior Security Engineer
2 months ago
india 3M Consultancy Full timeJob Description This is a remote position. Job Title: Senior Security Engineer. Location: Washington, DC (Remote) Duration: Full-Time. Role Specific Duties: Provide network IDS monitoring, cyber threat intelligence, security log analysis and forensics, and web application security scanning and analysis. Protect users by...
-
Staff Application Security Engineer
1 week ago
india Insight Global Full timePosition Overview: As an Application Security Engineer, you will drive the security of our entire product suite. You will have the opportunity to partner with multiple product teams to champion secure coding practices and secure-by-design development principles. RESPONSIBILITIES: Support application security reviews and threat modeling Perform application...
-
Staff Application Security Engineer
7 hours ago
india Insight Global Full timePosition Overview: As an Application Security Engineer, you will drive the security of our entire product suite. You will have the opportunity to partner with multiple product teams to champion secure coding practices and secure-by-design development principles. RESPONSIBILITIES: Support application security reviews and threat modeling Perform application...
-
Senior Application Security Architect
5 days ago
india Claranet Full timeAbout The Role Essential Roles & Responsibilities Work within a dedicated security engineering function that accelerates the delivery of creative and secure capabilities for cloud products. Design and implement security architectures for cloud-based systems. Build security control framework and generic reference architectures for cloud...
-
Senior Application Security Architect
1 month ago
india Claranet Full timeAbout The Role Essential Roles & Responsibilities Demonstrate the ability to manage and lead multiple security initiatives and programs concurrently. Work with various security domains, including SAST, DAST, Mobile, Cloud Security, Container Security, and Architecture reviews. Exhibit proficiency in collaborating with multiple vendors to...
-
Application Security Engineer
2 weeks ago
india eJAmerica Full timeJob Description Experience Required - 8+ Familiarity with Noname and other API monitoring tools, Dynatrace Application Security, and Wiz for cloud security posture management (CSPM). Understand common application attack vectors such as the OWASP Top 10s for application security, APIs, mobile, and cloud. Collect alerts and use discovered data to enable...
-
Senior Application Security Analyst
4 weeks ago
India ETS Full timePosition Summary: We are looking for a seasoned Application Security Lead Analyst to join our team. As an Application Security Analyst, you will work as a consultant to our product development staff, ensuring the security of our applications throughout their lifecycle. Your role will be to identify potential vulnerabilities, suggest mitigation strategies,...
-
Senior Application Security Analyst
4 weeks ago
India ETS Full timePosition Summary:We are looking for a seasoned Application Security Lead Analyst to join our team. As an Application Security Analyst, you will work as a consultant to our product development staff, ensuring the security of our applications throughout their lifecycle. Your role will be to identify potential vulnerabilities, suggest mitigation strategies, and...
-
Security Architect
2 months ago
india Pylon Management Consulting Full timeRequirements : Bachelor's or Master's degree in Computer Science, Information Security, or a related field. Proven experience as a Security Architect or a similar role. Strong controls framework understanding and experience and advanced knowledge of application security assessments. Experience in vulnerability management, threat assessments, or a...
-
Application Security Engineer
3 days ago
india QuEST Global Services Pte. Ltd Full timeQuest Global is an organization at the forefront of innovation and one of the world’s fastest growing engineering services firms with deep domain knowledge and recognized expertise in the top OEMs across seven industries. We are a twenty-five-year-old company on a journey to becoming a centenary one, driven by aspiration, hunger and humility. We are...
-
Senior Security Engineer India
5 days ago
india Chronos Consulting Full timeJob Description Our client is a world-renowned US startup in the field of automation. This California unicorn is still a private enterprise experiencing hypergrowth. They are looking for an exceptional Senior Security Engineer to join their team as they build their defensive security capabilities. This is a full-time, permanent role. Hybrid or...
-
Senior Application Security
1 week ago
india TalentOla Full timeRequirements: Perform in-depth security assessments for both web and mobile applications, utilizing advanced methodologies beyond the OWASP Top 10 and OWASP MSTG, to uncover and remediate complex security issues. Spearhead the adoption of security measures in mobile and web application development, focusing on reducing vulnerabilities across an...
-
Security Engineer
1 week ago
india VE3 Full timeJob Description Job Title: Security Engineer Location : UKPosition Type : Full-timeExperience Level : Mid-Senior (5+ years)Job Description : We are seeking an experienced Security Engineer with a strong background in penetration testing, vulnerability scanning, security analysis, identification of unencrypted sensitive data, and issue resolution. The ideal...
-
Senior Security Engineer
2 months ago
india KeepTruckin Full timeWho we are: Motive empowers the people who run physical operations with tools to make their work safer, more productive, and more profitable. For the first time ever, safety, operations and finance teams can manage their drivers, vehicles, equipment, and fleet related spend in a single system. Combined with industry leading AI, the Motive platform...
-
Senior Security Engineer
4 weeks ago
india STAFIDE Full timeJob Description Over ons: Stafide is de primaire plek voor technisch talentadvies en biedt uitgebreide werkmogelijkheden door heel Europa. Onze missie is duidelijk: moeiteloos werkzoekenden met werkgevers verbinden, met focus op de snelle veranderingen van technologie. Met onze onvergelijkbare expertise en standvaste toewijding, zijn we gespecialiseerd in...