Application Security Engineer

Job Summary:

The Software Security Engineer drives security integration across the Software Development Life Cycle, ensuring automated vulnerability assessments and secure practices are embedded in DevOps workflows. This role provides technical leadership oversight and mentorship to ensure secure and efficient delivery.

Duties & Responsibilities:

• Leads the design and implementation of security automation in CI/CD pipelines.
• Oversee vulnerability management processes and ensure timely remediation.
• Collaborate with stakeholders to align security initiatives with business objectives.
• Monitors emerging threats and recommend improvements to security posture.
• Monitors security alerts and facilitate investigations to minimize the impact of incidents.
• Prepares and presents comprehensive application security reports and documentation to stakeholders, highlighting potential risks and breaches, and recommendations for improvement.
• Participates in vulnerability assessments to identify and address security flaws.
• Analyzes and responds to security-related ticket requests to assess risks and ensure application security.
• Attends departmental meetings and drafts minutes to track the status of security compliance requests.
• Conducts regular audits on Software Applications to ensure compliance with security practices.
• Works with IT engineers to make sure that application systems and servers are safe from external threats.
• Security Education: Educating teams about application and infrastructure security best practices.

Qualifications:

• A bachelor’s degree in information security, computer science, Engineering or related field.
• At least 4 years of experience in Application Security.
• Advanced knowledge of tools like SAST, DAST, CI/CD Integration, OWASP ZAP, Snyk, SonarQube, Nessus.
• Familiarity with OWASP Top 10, secure API development, and server hardening.
• Strong understanding of secure application development frameworks, vulnerability remediation, and compliance standards.
• Leadership and communication skills for cross-functional collaboration.
• Proficiency in automation and scripting is an advantage.
• With ISO and Cybersecurity-related training.
• CSSLP, CISSP, or Certified DevSecOps Professional is an advantage.
• Strong cloud security knowledge (AWS), and experience with Databases, Systems and Network.

IMPT. NOTE: As this website allows us to collect your information through your resumes, please read our Privacy Notice before proceeding: https://www.adec-innovations.com/privacy-statement/