Application Security Engineers

Greetings from Netsach - A Cyber Security Company.

We are looking for Application security Engineers (2 resources) with 8+ yrs of strong experience who would be responsible for providing technical expertise on secure software development and support of all associated activities, processes, and tools for protecting technology-based information

Job Titlle: Application Security Engineers

Exp: 8+ yrs

Job Location: Bangalore, Remote

Job Type: 1yrs Contract + Extension

Interested candidates please share your updated resume at and post in netsachglobal.com

Job Description

8+ years of experience in AppSec, Software/Systems Engineering, and/or Architecture.

Expert level understanding of NodeJS, Java, modern web development frameworks and Service Oriented Architecture (SOA).

Expert level understanding of AppSec scanning tools across SAST/SCA/DAST/IAST/Container Security/API Security/Secret Scanning/Fuzzing in large enterprise environments.

In depth knowledge of SDLC, and CI/CD pipelines best practices.

Good understanding of SLSA and supply chain security.

Expert level understanding of containerized platforms and security best practices.

In depth understanding of cybersecurity principles, including cryptography, authentication, web security, vulnerability assessments and threat detection.

Understanding of security by design principles and architecture-level security concepts.

Knowledge of web, mobile, API, Microservices, network and security architectures and design patterns.

Knowledge of security best practices, principles, and common security frameworks, such as NIST, ISO, Common Criteria, TCSEC, OWASP, etc.

Experience with data architecture, modelling and integration.

Perform threat modelling, conduct reviews of security architecture and platform service designs, and audit source code and API configurations.

Experience with IAM (identity and access management) patterns, practices, policies and architectures, and common security technologies like JWT, OAuth, and SAML.

Desired expertise in various security testing activities, including penetration testing, vulnerability scanning, and code reviews.

Working knowledge of major cloud platforms such as AWS, Azure, Google Cloud.

• Industry certifications (e.g., CISSP, CISM, CCSP, or equivalent) are a plus.
• Responsible for providing technical expertise on secure software development and support of all associated activities, processes, and tools for protecting technology-based information

Provides consulting services and security support through Product Security Center of Excellence to internal product team

Reviews, develops, tests, and implements security plans, products, and control techniques

Assists with the development of secure coding standards

Documents security policies and procedures where/when needed

Evaluates new and proposed security systems, products, and technologies

Define and improve application security in the SDLC, ensuring security is prioritized from inception to deployment.

Conduct regular security architecture risk assessments and threat modelling to implement effective risk mitigation strategies.

Maintain awareness on latest DevSecOps approaches and how they fit into large enterprise organizations AppSec program.

Collaborate with software engineers and leadership teams as well and cybersecurity teams to integrate security controls throughout the software development lifecycle.

Be comfortable interfacing and providing guidance to senior and technical leadership on application security issues/approaches, to achieve the deployment of effective security solutions.

Qualifications

Bachelors degree in computer science, Information Security, or related field

Basic Requirements

Effective verbal and non-verbal communication skills at all levels of the organization

Leadership teamwork and collaboration

Discretion

Problem solving

Critical Thinking

Self-initiated/sufficient

Motivated

Thank You

Emily Jha

Netsach - A Cyber Security Company