go to searchsenior application security engineer
Security.Risks, Application Security, Code Review, DAST (Dynamic application security testing), SAST (Static Application Security Testing), SDLC Implementation, Secure Coding Practices, Secure SDLC, Security Testing, Threat Modeling, Amazon Web Services, DevOps, Docker Containers security, Go Language, Java, Kubernetes, OWASP Top 10, Python, Rust, Terraform
Senior Application Security Engineer
We're on the lookout for a Senior Application Security Engineer to join our remote team.
Your main role will be safeguarding the confidentiality, integrity, and availability of our Customer's information systems. You'll employ various security tools and technologies to ensure the security of applications and gaming systems. If you're always one step ahead of cybercriminals and have a passion for security, we're eager to connect with you!
responsibilities
- Conducting application security assessments on internal and external applications, and defining and updating an application security methodology
- Staying informed about secure coding best practices and aiding with static/dynamic code analysis
- Designing, creating, testing, documenting, deploying, and maintaining new automation capabilities and security services for the InfoSec team
- Keeping up-to-date with the Customer's applications and their security posture
- Defining and developing InfoSec training on web-based exploits/tools and corresponding mitigation techniques
- Collaborating with cross-functional teams to build complex solutions
requirements
- A minimum of 3 years' experience in Information Security principles, technology, and control processes
- Development experience in building systems using languages such as Python, C++, Golang/Rust
- Expertise in application security, code review, DAST (Dynamic Application Security Testing), and SAST (Static Application Security Testing)
- Experience with Secure Coding and AppSec frameworks (OWASP Guide, SANS CWE Top 25, CERT Secure Coding)
- Practical experience in implementing secure SDLC practices
- Solid understanding of DevOps principles, Docker container security, and Kubernetes
- Experience in working with and setting up services on AWS infrastructure
- Experience in threat modeling and implementing security testing methodologies like OWASP Top 10
- Understanding and application of concepts such as algorithms, data structures, OOO design, databases
- CEH and Offensive Security Certification (OSCP, GPEN, or GWAPT)
- Excellent oral and written communication skills, including report writing and technical documentation
- Fluent in English with an Upper-Intermediate level of proficiency
nice to have
- Experience with CI/CD systems and Terraform
- Knowledge of Java
benefits for locations
Colombia
For you
- Prepaid Medicine with Colsanitas for you and your legal dependents
- MetLife Life Insurance for you
- Thousands of projects for top brands
- Stable income
For your comfortable work
- 100% remote work forever
- Free licensed software
- Possibility to work on your own device (BYOD)
- Stable workload
- Relocation opportunities
- Flexible engagement models
For your growth
- Free trainings for technical and soft skills
- Free access to LinkedIn Learning platform
- Support from a personal Skill Advisor
- Language courses
- Free access to internal and external e-Libraries
- Access to internal communities and competency centers
- Certification opportunities
don't have time? Apply later!We send you a link to the job in your e-mail
get job alerts in your inboxHundreds of open jobs for Software Engineers, QA, DevOps, Business Analysts and other tech professionals
