Application Security Engineer

Job Description: Responsibilities: Perform application security assessments including static (SAST), dynamic (DAST), and manual penetration testing. Identify, analyze, and remediate application vulnerabilities in web, mobile, and API-based applications. Conduct secure code reviews for applications developed in Go, Java, Python, and C#. Utilize penetration testing tools such as Burp Suite, Kali Linux, Nmap, SQLmap, and Metasploit. Integrate security testing into CI/CD pipelines to enable DevSecOps practices. Work closely with development and DevOps teams to implement secure coding standards and best practices. Manage and triage security findings, providing clear remediation guidance to engineering teams. ssist in threat modeling, risk assessments, and security architecture reviews. Maintain up-to-date knowledge of emerging security threats, tools, and techniques. Required Skills And Experience: Strong programming knowledge in Go, Java, Python, and C#. Hands-on experience with application penetration testing tools: Burp Suite. Kali Linux. Nmap. SQLmap. Metasploit. Experience securing CI/CD pipelines and integrating security tools. Working knowledge of Git for source code management. Experience with containerized environments using Docker. Solid understanding of OWASP Top 10, secure SDLC, and common attack vectors. Certifications (Preferred): GIAC Certifications: GCPN, GWEB, GMOB, GWAT, GPEN, GXPN, GREM. CEH (Certified Ethical Hacker). OSWE (Offensive Security Web Expert). CSSLP (Certified Secure Software Lifecycle Professional).

Created: 2026-03-17