Application Security Engineer

Title: Application Security Engineer

Duration: 6 Months

Location: Remote

Top 3 skills:

SAST: Static Code Appln Security Testing (checkmarx, fortify etc.)

Software Composition Analysis (SCA): this is third party vulnerability tools

Dynamic appln security testing or penetration testing

Interactive Appln security testing (IAST)

Container security is plus but not mandatory

Responsibilities

• Manages and lead the end-to-end Security Coaches and advisor program
  Provide guidance and act as security advisors to Application development team, Application Security Engineers and Analysts.
  Assist in the support of systems and tools supported by Secure Software development & Application Security
  Assist in building Knowledge Base, FAQs, and Process, as required by Secure SDLC
  Review static analysis results and provide secure practices guidance to development teams related to software security defects and assisting them with remediation.
  Qualifications:
  Experience in two or more of the following languages (Java, Perl, Python, C, C++, C++\CLI, C#, Objective C, Ruby)
  Experience with Web Applications, API, Web Services, and Service Oriented Architectures.
  Solid experience in AWS core services.
  Understanding of SAST, DAST,SCA( third party open source vulnerabilities) IAST, and their use in development pipelines.
• Understanding of different kinds of Authentications
• Knowledge of Access Management (OAuth and SAML)
  Strong analytical, documentation, and communication skills.
  Experience with the identification and remediation guidance of software security defects.
  Experience with common web frameworks