Junior Application Security Engineer

The Junior Application Security engineer will be responsible for the following:

• Providing expertise in the Application Security areas of Web Application Security Services, API Security and Application Security Testing. 

• Developing policies to protect web application and API’s from malicious payload attacks, provide virtual patching capabilities and validation with Security Testing. 

• Assisting in developing an automated security framework for robust deployment tools and processes, leveraging various scripting languages and open-source solutions. 

What You Will Bring: 

• Knowledge in building the F5 WAF, API Security, BOT protection, DOS/DDOS protection policies and extending them to hybrid cloud environment -AWS and Azure environment. 

• Familiarity with DevSecOps ecosystem: Terraform, Ansible, GitHub, Jenkins, Azure DevOps, SAST, DAST & SCA 

• Knowledge of Cloud & Kubernetes Resource Security, Secure Network and Architecture, SDLC standard and policies. 

• Familiarity with Web App Protection AWS and Azure App Protection Policy, Configuration, and Security Management tools 

• Expertise in Programming languages Python, NodeJS, SQL query and Vulnerable Code remediation.  

• Stay up to date with the latest application security threats and trends. 
   

Required: 

• Proficiency in designing, implementing, and maintaining effective security policies for web applications using WAF technologies. 

• Experience coordinating and performing vulnerability assessments using automated and manual tools. 

• Ability to review and analyse WAF logs to detect and respond to security incidents promptly. 

• Ability to review and analyse vulnerability data to identify security risks to the organization's network, infrastructure, and application's and determine any reported vulnerabilities that are false positives. 

• Strong experience with BI Design and Development. 

• Familiarity with Information Security frameworks/standards (i.e. CIS, NIST, RFC2196, etc.). 

• Familiarity with common security libraries, security controls, and common security flaws. 

Other Application Security Engineer Role requirement for CSC: 

• Manage security integration into the SDLC process at CSC. 

• Help evolve CSC’s application security functions and services. 

• Responsible for Security bug intake and remediation process for CSC. 

• Identify security exposures and develop mitigation plans. 

• Identify, report and fix technical debt. 

• Assist Senior Application Security on all application security activities. 

• Become a representative for the CSC Information Security program. 

• Be productive and participate in security initiatives with minimal supervision. 

• Use the tools and technologies used throughout CSC InfoSec. 

• Troubleshoot issues and performance bottlenecks. 

• Follow Security best practices  

• Strong foundation in core information security principles and goals. 

• Proven expertise in enterprise security solutions. 

• Knowledge of common and emerging security threats. 

• In-depth knowledge of security best practices. 

• Exceptional analytical aptitude and attention to detail. 

• Excellent communication skills. 

• Ability to explain complex security topics in simple language. 

• Fast learner / a strong willingness to learn. 

• Good team player who is self-motivated and well organized. 

• Security Certifications are a plus. 

#LI - CS1