Perform architecture and security reviews on highly complex products to identify vulnerabilities.
Work with development teams to integrate software security design patterns throughout the application lifecycle.
Ensure critical application design and implementation decisions are based on sound security patterns.
Facilitate analytics process for application abuse detection.
Support application protection efforts, incident response and fraud.
Find security threats and vulnerabilities in applications and recommend mitigation strategies.
Participate in evaluation, deployment and operations of innovative security solutions.
Conduct static and dynamic application security testing (SAST/DAST), code reviews, security assessments and evaluations.
Implement and manage security tools, including SAST, DAST, Software Composition Analysis (SCA), and other security scanning solutions.
Drive the implementation of authentication, authorization, and access control mechanisms for APIs and platforms.
Partner with application development, engineering and operations teams to ensure a security-first approach in CI/CD pipelines.
Work closely with the offensive security team to help identify, uncover and validate weakness and exposures in critical applications.
Support incident response efforts and mitigations related to application security vulnerabilities and weaknesses.
Provide security awareness training and guidance to development teams on secure coding practices.
Lead implementation of strategic security initiatives that improve application security across the organization.
Ensure application security practices align with regulatory standards such as PCI-DSS, NIST, and OWASP guidelines.

Requirements

Bachelor’s degree in Computer Science, Information Security, Cybersecurity, or relevant equivalent experience.
5+ years of experience in application security, secure software development, and vulnerability management.
Experience with containerization technologies, the principles of container operation, and implementing secure operational states for containerization technologies.
Direct experience with security tools such as vulnerability scanners, DAST and SAST solutions, application testing tools, and application analysis tools.
Strong knowledge of secure coding practices and common security vulnerabilities.
Familiarity with DevSecOps principles and integrating security into CI/CD pipelines.
Understanding of regulatory frameworks and compliance requirements (e.g., PCI-DSS, NIST, OWASP etc)
Comfortable with scripting and automation using languages such as Python, PowerShell, or Bash.

Benefits

📊 Check your resume score for this job Improve your chances of getting an interview by checking your resume score before you apply. Check Resume Score

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

application securitysecure software developmentvulnerability managementstatic application security testing (SAST)dynamic application security testing (DAST)software composition analysis (SCA)secure coding practicesscriptingautomationcontainerization technologies

Soft Skills

leadershipcommunicationcollaborationanalytical thinkingproblem-solvingtrainingguidance