What you will be doing:
As an Application Security Engineer , you will play a critical role in ensuring our software applications are secure by design and resilient against evolving threats. You will collaborate closely with development, DevOps, and product teams to embed security throughout the SSDLC and drive secure coding practices.
Conduct security assessments, penetration tests, and code reviews across web, mobile, and cloud applications.
Integrate security tools (SAST, DAST, SCA) into CI/CD pipelines using platforms like Azure DevOps, GitHub Actions.
Design and enforce secure coding standards and SSDLC policies.
Collaborate with developers to remediate vulnerabilities and provide inline guidance during PR reviews.
Lead threat modeling and architecture reviews for new features and services.
Manage secrets, access controls, and data confidentiality assurance across applications.
Monitor public exposure of cloud resources and enforce Azure policies to prevent misconfigurations.
Participate in incident response and forensic analysis for application-related security events.
Deliver security awareness training and documentation for engineering teams.
Maintain up-to-date knowledge of OWASP Top 10, secure coding techniques, and emerging threats.
3+ years of experience in application security or related fields.
Strong understanding of secure development practices, cryptography, and vulnerability management.
Familiarity with tools like CodeQL, GitHub Advanced Security, and container image scanning platforms.
Experience with cloud platforms (Azure preferred), microservices, and containerized environments.
Knowledge of authentication protocols (OAuth 2.0, OIDC), RBAC, and VPN architecture.
Familiarity with SBOM generation and supply chain security practices.
Certifications such as OSCP, CSSLP, or GWAPT are a plus.
Excellent communication skills and ability to work cross-functionally.
Internally motivated, well organized, able to work proficiently both independently and in a team environment.
Strong communication skills with both internal team members and external business stakeholders.
All-around team player who is self-motivated with a high work ethic.
