Principal Application Security Engineer
Location
Secunderabad | India
Job description
Your core responsibility is to ensure the delivery of secure software
- You are the go-to person for security, internally as well as for our clients
- Leveraging your technical expertise and leadership, you drive the secure SDLC with its tools and processes
- You ensure application security requirements are part of product development
- You have expert understanding of application security and application security vulnerabilities and provide guidance to other team members
- You provide architecture design reviews as well as source code reviews
- You are responsible for Architectural Risk Analysis of the core products and lead the threat modeling activities
- You provide training to developers and QA engineers on application security
- You research new tools and take the initiative in improving the ways of working
- You play a key role in selecting candidates for the security team as well as onboarding and mentoring new hires
In order to really own this role, we think you'll need:
- Excellent understanding of application security and common application security vulnerabilities;
- Excellent knowledge of the frontend, backend and mobile security domains;
- Good understanding of DevOps and cloud native technologies;
- Successful track record driving security initiatives;
- A background in development and a good understanding of the SDLC;
- English language on a professional level, written and spoken.
We'll be delighted if you bring experience in the following topics, but otherwise these would be opportunities for you to grow your knowledge working in the security team:
- Implementing OWASP ASVS/M-ASVS and SKF;
- Implementing SAST, SCA, IAST and RASP tools in the SDLC;
- Assessing and implementing security maturity models;
- Facilitating threat modeling sessions with the development teams;
- Pen testing web and mobile applications;
- Training and guiding developers on application security concepts;
- Relevant regulations such as GDPR and PCI-DSS.