Application Security Engineer

About the Role

We are seeking a motivated Application Security Engineer to help strengthen the security posture of our applications and CI/CD pipelines. You will collaborate with development and DevOps teams to embed security early in the software development lifecycle and support continuous improvement efforts.

Technical Skills (Required)

  • 18-24 months of experience in application security, software development, or a related IT security role.
  • Proficiency in Java, JavaScript, and Python, with strong secure coding and vulnerability management skills.
  • Experience with SAST, SCA, DAST, and API Security methodologies.
  • Hands-on experience with tools such as Snyk, Burp Suite, OWASP Dependency Check, or Nexus Lifecycle, including CI/CD integration.
  • Solid understanding of application security principles and secure SDLC practices.
  • Strong knowledge of container technologies (Docker, Podman), including secure image handling, container scanning, and deployment best practices.


Technical Skills (Preferred)

  • Professional experience with CloudBees (Jenkins Enterprise) for CI/CD pipeline design, management, and security tool integration.
  • Experience with GitLab CI/CD and GitLab security features.
  • Experience leveraging Large Language Models (LLMs)-e.g., ChatGPT and Anthropic-for secure code synthesis, automated code review heuristics, and pipeline integrated workflow orchestration.
  • Familiarity with Kubernetes (K8s) for container orchestration.
  • Experience with Red Hat OpenShift (OCP) in enterprise container platform environments.


Soft Skills

  • Strong collaboration skills, with the ability to work closely with development and DevOps teams to promote secure coding practices.
  • Excellent written and verbal communication skills, suitable for both technical and non technical audiences.
  • Proactive and analytical mindset with strong problem solving abilities.
  • Ability to take ownership of tasks and operate effectively in a fast paced environment.
  • Capability to mentor junior developers on secure development practices.

Skills

  • Java, JavaScript and/or Python Professional (4-5)
  • SAST, DAST, SCA and/or API Security Professional (4-5)
  • Synk, BurpSuite, OWASP Dependency-Check and/or Nexus Lifecycle Professional (4-5)

Apply