Conduct thorough security assessments of applications, identifying vulnerabilities and weaknesses in code, architecture, and configurations.
Collaborate closely with development teams to integrate security best practices into the software development lifecycle (SDLC) and ensure secure coding standards are followed.
Perform regular security testing, including static code analysis, dynamic application scanning, and penetration testing, to identify and mitigate security risks.
Analyze security incidents and provide timely response and remediation actions to mitigate potential threats.
Develop and maintain security documentation, including security requirements, design documents, and security testing reports.
Assist in the design and implementation of security controls and mechanisms to protect sensitive data and critical systems.
Stay up to date with emerging security threats and industry best practices and recommend security enhancements and controls accordingly.
Provide security guidance and support to cross-functional teams, including developers, architects, and project managers.
Participate in security reviews and audits, ensuring compliance with security policies, standards, and regulatory requirements.
Collaborate with third-party vendors and partners to assess the security posture of integrated systems and applications.
What you need to bring:
Bachelor's degree in computer science, Information Security, or a related field.
5+ years of experience in application security, including hands-on experience with security testing tools and techniques.
Strong understanding of web application security concepts, including OWASP Top 10 vulnerabilities and secure coding practices.
Experience with security testing tools such as Burp Suite, OWASP ZAP, and code analysis tools like SonarQube or Checkmarx, Snyk.
Proficiency in at least one programming language (e.g., Java, Python, JavaScript) and ability to review and understand code.
Familiarity with software development methodologies (e.g., Agile, DevOps) and their impact on security practices.
Excellent analytical and problem-solving skills, with attention to detail.
Strong communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams.
Certifications such as CISSP, CEH, or CASE (Java), or equivalent.
Demonstrated ability to work independently and prioritize tasks in a fast-paced environment.
Desired Skills:
Experience with cloud security principles and practices, including secure configuration management and identity access management (IAM).
Knowledge of containerization technologies (e.g., Docker, Kubernetes) and related security controls.
Understanding of secure authentication mechanisms (e.g., OAuth, JWT) and encryption techniques.
Participation in bug bounty programs, Capture the Flag (CTF) competitions, or open-source security projects.
Experience with scripting languages (e.g., Bash, PowerShell) for automation of security tasks and processes.
Desired Skills and Qualifications:
Bachelor’s degree in computer science, Information Technology, or related field.
Strong analytical and problem-solving skills.
Excellent communication and collaboration abilities.
Proven ability to work effectively in a fast-paced environment.
Continuous learning mindset to stay updated with evolving security threats and technologies.
Security Testing, Penetration Testing, OWASP
--
You must verify your mobile number to apply to this job.