Application Security Engineers

Greetings from Netsach - A Cyber Security Company.We are looking for Application security Engineers (2 resources) with 8+ yrs of strong experience who would be responsible for providing technical expertise on secure software development and support of all associated activities, processes, and tools for protecting technology-based informationJob Titlle: Application Security EngineersExp: 8+ yrsJob Location: Bangalore, RemoteJob Type: 1yrs Contract + ExtensionInterested candidates please share your updated resume at and post in Job Description 8+ years of experience in AppSec, Software/Systems Engineering, and/or Architecture. Expert level understanding of NodeJS, Java, modern web development frameworks and Service Oriented Architecture (SOA). Expert level understanding of AppSec scanning tools across SAST/SCA/DAST/IAST/Container Security/API Security/Secret Scanning/Fuzzing in large enterprise environments. In depth knowledge of SDLC, and CI/CD pipelines best practices. Good understanding of SLSA and supply chain security. Expert level understanding of containerized platforms and security best practices. In depth understanding of cybersecurity principles, including cryptography, authentication, web security, vulnerability assessments and threat detection. Understanding of security by design principles and architecture-level security concepts. Knowledge of web, mobile, API, Microservices, network and security architectures and design patterns. Knowledge of security best practices, principles, and common security frameworks, such as NIST, ISO, Common Criteria, TCSEC, OWASP, etc. Experience with data architecture, modelling and integration. Perform threat modelling, conduct reviews of security architecture and platform service designs, and audit source code and API configurations. Experience with IAM (identity and access management) patterns, practices, policies and architectures, and common security technologies like JWT, OAuth, and SAML. Desired expertise in various security testing activities, including penetration testing, vulnerability scanning, and code reviews. Working knowledge of major cloud platforms such as AWS, Azure, Google Cloud.Industry certifications (e.g., CISSP, CISM, CCSP, or equivalent) are a plus.Responsible for providing technical expertise on secure software development and support of all associated activities, processes, and tools for protecting technology-based information Provides consulting services and security support through Product Security Center of Excellence to internal product team Reviews, develops, tests, and implements security plans, products, and control techniques Assists with the development of secure coding standards Documents security policies and procedures where/when needed Evaluates new and proposed security systems, products, and technologies Define and improve application security in the SDLC, ensuring security is prioritized from inception to deployment. Conduct regular security architecture risk assessments and threat modelling to implement effective risk mitigation strategies. Maintain awareness on latest DevSecOps approaches and how they fit into large enterprise organizations AppSec program. Collaborate with software engineers and leadership teams as well and cybersecurity teams to integrate security controls throughout the software development lifecycle. Be comfortable interfacing and providing guidance to senior and technical leadership on application security issues/approaches, to achieve the deployment of effective security solutions.Qualifications Bachelors degree in computer science, Information Security, or related fieldBasic Requirements Effective verbal and non-verbal communication skills at all levels of the organization Leadership teamwork and collaboration Discretion Problem solving Critical Thinking Self-initiated/sufficient MotivatedThank You Emily Jha Netsach - A Cyber Security Company