Urgent Search Senior

Company Description About IGT1 Lanka IGT1 Lanka is a rapidly growing offshore technology and talent solutions company based in Port City Colombo We are a fully owned subsidiary of IGT I Holdings Sweden AB funded by the three of world s leading private equity firms EQT Group Hg and TA Associates We re also proud to be a sister company of IFS Sri Lanka s largest and most established technology company At IGT1 Lanka we partner with global businesses to scale operations accelerate innovation and build world-class SaaS platforms through high-quality offshore delivery Our people-first culture champions diversity teamwork and continuous learning creating an environment where talent thrives With a team of over 300 professionals and counting we are always looking for passionate skilled individuals who want to make a global impact while being part of something extraordinary Through our offshore collaboration model you ll be embedded within the team of one of our esteemed international clients contributing directly to high-impact enterprise-level initiatives About Workwave WorkWave is a field service management software that provides SaaS solutions for businesses in the service industry HVAC Plumbing Electrical Cleaning Lawn Landscape Home Delivery Logistics Distribution We empower these businesses to deliver exceptional customer experiences and grow their customer base on our efficient and easy-to-use platform WorkWave Team is looking for innovative Application Security Engineers who want to be part of a team of creative and talented individuals Our teams are a mix of technologists product managers development engineers and UI UX designers all working together to deliver our vision You will be a part of our WorkWave team helping to develop support the WorkWave products The ideal candidate should have expertise in compliance and security standards such as PCI DSS SOC ISO and Privacy Shield Data Privacy Framework Key responsibilities include ensuring the security of desktop web and mobile applications through vulnerability assessments penetration testing security scans and architecture design reviews Responsibilities Ensure application security measures comply with industry standards e g PCI DSS SOC 2 ISO 27001 Maintain security policies and support compliance audits Conduct regular vulnerability assessments and manage remediation Implement and maintain vulnerability management tools Perform penetration testing on desktop web and mobile applications Document the findings and collaborate with development teams to implement fixes Conduct regular security scans and audits using SAST DAST SCA and IAST tools Review application architecture for security best practices Provide secure coding guidance and participate in release readiness reviews Ensure data security through encryption and access controls Implement data protection strategies and follow Privacy by design principles Perform network vulnerability assessments and firewall audits and address potential security weaknesses Collaborate with cross-functional teams to integrate security into the SDLC Provide security training and assist in developing incident response plans Qualifications Bachelor s degree in computer science Information Security or related field Relevant certifications such as CEH CHFI Security CSSLP would be an added advantage 4 years of experience in application security focusing on desktop web and mobile applications Proven experience with compliance standards and frameworks PCI DSS SOC 2 ISO 27001 Privacy Shield Hands-on experience with vulnerability assessment tools and techniques Qualys Blackduck Polaris BurpSuite Nmap Firewalls WAF IDS IPS Kali Linux Strong background in penetration testing and security audits Familiarity with SAST DAST SCA and IAST tools In-depth knowledge of application security principles cryptography authentication and authorization Experience with secure coding practices and application architecture design review Ability to work independently and as part of a team Strong analytical and problem-solving skills with excellent communication and interpersonal abilities Additional Information We believe that coming together as a community in person is important for innovation connection and fostering a sense of belonging Our roles have the right balance of remote and in-office working to enable flexibility for managing your life along with ensuring a real connection with your colleagues and the broader IFS community