Overview
We are devoted to establishing a workforce that represents the diversity of the communities in which we live and serve, and where every team member has the chance to fulfill their full potential.
Senior Application Security Engineer
Is your enthusiasm driving you to seek a fast-paced and exciting work environment?
You could be precisely what we’re searching for – greatness to add to our already wonderful community!
With us, you’ll be able to advance your professional career, collaborate with our award-winning IT Dev Team, and feel fulfilled by making a meaningful contribution to the global digital scene.
You will have an opportunity to:
- Perform in-depth penetration tests of web applications and APIs.
- To find flaws and vulnerabilities, conduct manual and automated security assessments and source code inspections of web applications.
- Apply advanced skills, knowledge, and experience to bypass existing security measures
- Contribute to the development, adoption, and enforcement of application security standards, and controls.
- Participate in threat modeling and secure source code reviews
- Actively participate and lead secure architectural design sessions.
- Track security flaws and collaborate with development teams to remediate open issues within agreed-upon timeframes.
You will be a great fit on our team if…
- 3+ years of practical, in-depth experience doing application penetration tests in support of enterprise goals and product development.
- Experience with web and API attack and mitigation methods, security assessments, and penetration testing.
- Knowledge of open security standards such as OWASP Top 10, OWASP ASVS, SANS Top 25, CWE, NIST
- Security testing tools including OWASP Zed Attack Proxy, Burp Suite, and Postman.
- Solid understanding of common web application technologies, languages, and frameworks.
- a thorough understanding of how to find and fix vulnerabilities in software as well as awareness of common issues.
- Web application firewall (WAF)
- SAST, DAST, and IAST tools
- Programming experience in .NET, C#, and Java
- Experience with Web Services such as JSON, XML, and REST Technologies
- Experience in advocating security best practices for third-party integrations (e.g. Cloud solutions, third-party libraries, etc.).
- Knowledge of secure coding principles and best practices for web applications
- Ability to communicate security requirements to both technical and non-technical stakeholders
- Exposure to Waterfall and Agile SDLC processes
- Relevant security certifications such as OSCP, OSWE, GWAPT, GPEN
- You have the freedom to work independently in a start-up setting, where constant change abounds.
- You are familiar with IT Security projects and the connections between end-user interfaces, servers, networks, storage, applications, and data that go into an IT service.
- You can effectively communicate with management, peers, and customers across disciplines and geographies to articulate issues, impacts, and advice on the preferred solution (s).
- You can meet priorities and produce quality deliverables and results while handling multiple work items.
- You have expertise in creating and preserving strong connections with peers and stakeholders.
- You can work independently and collaboratively within a diverse team environment.
- You have a Bachelor’s Degree in Computer Information Systems, Computer Science, or equivalent work experience.
If this role sounds exciting to you, send your application to recruitment@nekobiz.com.
Use the subject line: “Application for Senior Application Security Engineer”