Application Security Engineer

Job Summary :

As an Application Security Engineer, you will play a critical role in protecting the global enterprise by identifying and mitigating security vulnerabilities that could expose the company to risk.

You will collaborate with cross-functional teams to assess threats, oversee remediation efforts, and ensure security best practices are integrated into the software development lifecycle.

Key Responsibilities :

Identify, evaluate, and report security vulnerabilities across the enterprise.

Work with development, risk, and security teams to prioritize remediation efforts.

Integrate security best practices into DevOps workflows and agile delivery processes.

Conduct security testing on applications, APIs, and cloud environments.

Perform source code reviews and API security testing.

Utilize security tools such as Burp Suite, Postman, and ZAP for penetration testing.

Ensure compliance with IT security standards, governance, and risk management policies.

Maintain effective communication with stakeholders to drive security initiatives.

Required Skills & Experience :

3 years in IT Security, Risk Management, or IT Auditing.

Strong knowledge of OWASP Top 10 (web and API vulnerabilities).

Hands-on experience with security in DevOps environments.

Understanding of networking protocols (IP, DNS, HTTP).

Experience in API security testing and application penetration testing.

Familiarity with enterprise architecture and API development best practices.

Excellent communication, problem-solving, and organisational skills.

Ability to work independently and cross-functionally.

Preferred Qualifications :

Bachelor's or Master's in Computer Science, Information Systems, or equivalent experience.

Relevant security certifications (ASCP, ASE, OSWE, eWPT, GWEB, etc.).