Senior Application Security Engineer

About Us:

Techblocks is a leading global digital product development firm. We unify strategy, design and technology with continuous growth-centric digital product engineering solutions for F500 companies and global brands, including Bell Telecom, Bausch Health (Previously Valeant Pharma), Honda Motors, AES Corp, Thomson Reuters Carswell, First American and Colliers International.

Our passion is empowering innovators and change-makers at every level of the product life cycle. We specialize in building customized business apps that allow organizations and enterprises to improve their efficiency, collaboration and user experience.

Position: Sr. Application Security Engineer

Experience: 5+ Years

Location: Ahmedabad / Hyderabad (Hybrid Work mode)

Responsibilities:

Application Security

• Conduct regular security assessments to identify vulnerabilities in applications and work with development teams to design secure software systems, resolve vulnerabilities and issues, and implement robust security measures.
• Additional responsibilities include security audits and penetration testing as required.

Technical Skills:

• Proficient in multiple programming languages.
• Advanced understanding of the intricacies and potential security flaws inherent in different languages.
• Working experience in languages like Java, JavaScript, C++, Python, and Ruby.
• Experience in API development/testing and API security
• Established experience with Agile (including Scrum and Kanban) and software development lifecycle (SDLC) practices.
• Experience with GCP, Containers and Serverless technologies

Tools and Integration:

• Hands on experience with SAST, DAST, Jira, and Confluence tools, experience integrating security incidence workflows.
• Knowledge of security technologies like firewalls, intrusion detection systems, and encryption and practical application is

Security Reviews and Threat Modeling:

• Conduct regular security assessments to identify vulnerabilities in applications and work with development teams to remediate them.
• Work with the development teams on threat modeling to identify potential threats and vulnerabilities in an application.
• Requires understanding of software architecture, identifying potential attack vectors, and devising strategies to mitigate these threats.
• Work closely with software developers, systems administrators, and other IT professionals to ensure security is integrated into the application development process from the start.

Familiarity with Security Frameworks and Standards

• Develop and maintain documentation of application security policies and procedures, ensuring compliance with industry standards.
• Knowledge and practical application of OWASP, CISSP or other well-known security frameworks.

Security Incidence Response:

• In the event of a security alert, the candidate will react quickly to analyze the issue, contain the issue if needed and protect sensitive data.
• Responsible for proactively working with third party vendors on updating security rules and alerting processes

Soft Skills:

• Strong verbal and written communication skills.
• Strong ability to articulate complex security concepts to developers and other stakeholders in an understandable way.
• Ability to write clear and concise security reports and present findings to both technical and non-technical audiences.

Problem-solving Skills:

• Ability to analyze a problem, determine its root cause, and devise a plan to resolve it.
• Ability to navigate a rapidly changing landscape, while handling multiple responsibilities
• Curious about new technology and always looking to acquire new knowledge

Education:

• Bachelor's Degree in Cybersecurity, Computer Science or Information assurance
• A Master's degree is a plus.
• Certified Secure Software Lifecycle Professional (CSSLP), Certified Application Security Engineer (CASE), or Secure Software Practitioner (SSP) certifications are an advantage