Application Security Engineers

Greetings from Netsach - A Cyber Security Company.

We are looking for Application security Engineers (2 resources) with 8+ yrs of strong experience who would be responsible for providing technical expertise on secure software development and support of all associated activities, processes, and tools for protecting technology-based information

Job Titlle: Application Security Engineers

Exp: 8+ yrs

Job Location: Bangalore, Remote

Job Type: 1yrs Contract + Extension

Interested candidates please share your updated resume at and post in

Job Description

• 8+ years of experience in AppSec, Software/Systems Engineering, and/or Architecture.

• Expert level understanding of NodeJS, Java, modern web development frameworks and Service Oriented Architecture (SOA).

• Expert level understanding of AppSec scanning tools across SAST/SCA/DAST/IAST/Container Security/API Security/Secret Scanning/Fuzzing in large enterprise environments.

• In depth knowledge of SDLC, and CI/CD pipelines best practices.

• Good understanding of SLSA and supply chain security.

• Expert level understanding of containerized platforms and security best practices.

• In depth understanding of cybersecurity principles, including cryptography, authentication, web security, vulnerability assessments and threat detection.

• Understanding of security by design principles and architecture-level security concepts.

• Knowledge of web, mobile, API, Microservices, network and security architectures and design patterns.

• Knowledge of security best practices, principles, and common security frameworks, such as NIST, ISO, Common Criteria, TCSEC, OWASP, etc.

• Experience with data architecture, modelling and integration.

• Perform threat modelling, conduct reviews of security architecture and platform service designs, and audit source code and API configurations.

• Experience with IAM (identity and access management) patterns, practices, policies and architectures, and common security technologies like JWT, OAuth, and SAML.

• Desired expertise in various security testing activities, including penetration testing, vulnerability scanning, and code reviews.

• Working knowledge of major cloud platforms such as AWS, Azure, Google Cloud.

• Industry certifications (e.g., CISSP, CISM, CCSP, or equivalent) are a plus.
• Responsible for providing technical expertise on secure software development and support of all associated activities, processes, and tools for protecting technology-based information

• Provides consulting services and security support through Product Security Center of Excellence to internal product team

• Reviews, develops, tests, and implements security plans, products, and control techniques

• Assists with the development of secure coding standards

• Documents security policies and procedures where/when needed

• Evaluates new and proposed security systems, products, and technologies

• Define and improve application security in the SDLC, ensuring security is prioritized from inception to deployment.

• Conduct regular security architecture risk assessments and threat modelling to implement effective risk mitigation strategies.

• Maintain awareness on latest DevSecOps approaches and how they fit into large enterprise organization's AppSec program.

• Collaborate with software engineers and leadership teams as well and cybersecurity teams to integrate security controls throughout the software development lifecycle.

• Be comfortable interfacing and providing guidance to senior and technical leadership on application security issues/approaches, to achieve the deployment of effective security solutions.

Qualifications

• Bachelor's degree in computer science, Information Security, or related field

Basic Requirements

• Effective verbal and non-verbal communication skills at all levels of the organization

• Leadership teamwork and collaboration

• Discretion

• Problem solving

• Critical Thinking

• Self-initiated/sufficient

• Motivated

Thank You 

Emily Jha

Netsach - A Cyber Security Company