We are seeking an experienced Application Security Expert to join our company.
We are looking for an enthusiastic and experienced IT security expert/engineer to help drive the security posture of the organization.
An Application Security Expert is responsible for ensuring the security of software applications throughout their development lifecycle and in production environments. The role involves identifying vulnerabilities, implementing security measures, and ensuring that applications comply with industry standards and regulations.
Responsibilities
· Perform security assessments on applications, including code reviews, architecture reviews, and configuration reviews, to identify potential vulnerabilities.
· Identify and evaluate potential threats to the application and recommend appropriate mitigation strategies.
· Collaborate with development teams to define and integrate security requirements into the software development process.
· Provide training and guidance to developers on secure coding practices, common vulnerabilities (such as those listed in the OWASP Top 10), and how to avoid them.
· Implement and manage security tools like Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Software Composition Analysis (SCA) within the CI/CD pipeline.
· Administer the Web Application Firewall.
· Develop and enforce application security policies and standards across the organization.
· Cooperate with other security staff to ensure knowledge sharing and full visibility.
Qualifications
· Experience in application security architecture design.
· Familiarity with security principles (such as the OWASP Top 10 and NIST standards), risk assessments, and security controls planning.
· Excellent spoken and written communication skills.
· Must be able to learn fast and adapt quickly to ever-changing requirements and priorities.