Talent.com
This job offer is not available in your country.
Senior Application Security Engineer [Only 24h Left]

Senior Application Security Engineer [Only 24h Left]

QualiZealHyderabad, Telangana, India
8 hours ago
Job description

Security Testing

  • Conduct Static Application Security Testing (SAST) and Software Composition Analysis (SCA)
  • Perform Dynamic Application Security Testing (DAST) and Interactive Application Security Testing (IAST) for deeper analysis of vulnerabilities during runtime
  • Execute Mobile Application Security Testing and API Security Testing to safeguard against OWASP Security risks

Vulnerability Management and Threat Mitigation

  • Identify, prioritize, and remediate vulnerabilities through Vulnerability Assessments and Penetration Testing (VAPT)
  • Identify and mitigate vulnerabilities aligned with the latest OWASP Top 10 risks, including Injection, Broken Access Control, and Insecure Design
  • Assess and remediate vulnerabilities by OWASP Application Security Verification Standard (ASVS)

    • Cloud Security

  • Secure cloud environments hosted on AWS and Azure, adhering to CIS Benchmarks and NIST Cybersecurity Framework standards

    • Compliance and Regulations

  • Ensure application and infrastructure compliance with standards such as PCI DSS, HIPAA, and GDPR
  • Conduct regular assessments to align with SANS Top 25 Software Errors, NIST SP 800-53, and CIS Controls

    • DevSecOps Integration

  • Embed security practices within the Secure Software Development Lifecycle (SDLC) by automating security checks and remediation
  • Collaborate with DevOps teams to integrate security tools and testing into the CI / CD pipelines using Jenkins and Azure DevOps

    • Required Skills and Qualifications

    Technical Proficiency

  • Legacy technologies : Java, .NET
  • Modern technologies : React, Node.js, Python, PHP, Ruby / Rails, Angular, etc
  • CMS experience with Magento-Adobe and Avocode

    • Cloud Skills

  • Expertise with AWS and Azure cloud platforms

    • Security and Compliance Knowledge

  • Strong understanding of OWASP Top 10, OWASP ASVS, PCI DSS, HIPAA, GDPR, CIS Benchmarks, and NIST Cybersecurity Frameworks
  • Familiarity with SANS Top 25 Software Errors and their remediation strategies

    • Security Testing Expertise

  • Proficiency in SAST, SCA, DAST, IAST, and penetration testing techniques
  • Experience in Threat Modeling to proactively identify and mitigate risks
  • Strong knowledge of VAPT, mobile, and API security testing

    • DevSecOps and SDLC Integration

  • Expertise in implementing Secure Software Development Lifecycle (SDLC) practices
  • Proficiency in integrating security tools with CI / CD pipelines using Jenkins and Azure DevOps

    • Soft Skills

  • Excellent communication skills to bridge the gap between technical and business teams
  • Ability to articulate technical issues to both technical and non-technical audiences
    • Create a job alert for this search

    Senior Application Security Engineer • Hyderabad, Telangana, India