Senior Application Security Engineer

QualiZeal, India
30+ days ago
Job description

Security Testing

Conduct Static Application Security Testing (SAST) and Software Composition Analysis (SCA)

Perform Dynamic Application Security Testing (DAST) and Interactive Application Security Testing (IAST) for deeper analysis of vulnerabilities during runtime

Execute Mobile Application Security Testing and API Security Testing to safeguard against OWASP security risks

Vulnerability Management and Threat Mitigation

Identify, prioritize, and remediate vulnerabilities through Vulnerability Assessments and Penetration Testing (VAPT)

Identify and mitigate vulnerabilities aligned with the latest OWASP Top 10 risks, including Injection, Broken Access Control, and Insecure Design

Assess and remediate vulnerabilities against the OWASP Application Security Verification Standard (ASVS)

Cloud Security

Secure cloud environments hosted on AWS and Azure, adhering to CIS Benchmarks and NIST Cybersecurity Framework standards

Compliance and Regulations

Ensure application and infrastructure compliance with standards such as PCI DSS, HIPAA, and GDPR

Conduct regular assessments to align with SANS Top 25 Software Errors, NIST SP 800-53, and CIS Controls

DevSecOps Integration

Embed security practices within the Secure Software Development Lifecycle (SDLC) by automating security checks and remediation

Collaborate with DevOps teams to integrate security tools and testing into the CI/CD pipelines using Jenkins and Azure DevOps

Required Skills and Qualifications

Technical Proficiency

Legacy technologies: Java, .NET

Modern technologies: React, Node.js, Python, PHP, Ruby/Rails, Angular, etc.

CMS experience with Magento-Adobe and Avocode

Cloud Skills

Expertise with AWS and Azure cloud platforms

Security and Compliance Knowledge

Strong understanding of OWASP Top 10, OWASP ASVS, PCI DSS, HIPAA, GDPR, CIS Benchmarks, and NIST Cybersecurity Frameworks

Familiarity with SANS Top 25 Software Errors and their remediation strategies

Security Testing Expertise

Proficiency in SAST, SCA, DAST, IAST, and penetration testing techniques

Experience in Threat Modeling to proactively identify and mitigate risks

Strong knowledge of VAPT, mobile, and API security testing

DevSecOps and SDLC Integration

Expertise in implementing Secure Software Development Lifecycle (SDLC) practices

Proficiency in integrating security tools with CI/CD pipelines using Jenkins and Azure DevOps

Soft Skills

Excellent communication skills to bridge the gap between technical and business teams

Ability to articulate technical issues to both technical and non-technical audiences
