Job Title: Application Security Specialist
Location(s): India - Remote
Job Description:
As an Application Security Specialist, you will play a pivotal role in securing our applications and protecting our infrastructure from potential threats. Your responsibilities will include:
- SAST and DAST Testing: Perform Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST), review their outputs, and assist the development team with remediation strategies.
- GitHub Security: Configure and manage security tools such as Checkmarx and leverage GitHub's native security features to scan vulnerabilities in the codebase and dependencies.
- CI/CD Pipeline Security: Ensure integration of security scans within our CI/CD pipelines to identify vulnerabilities early in the development process.
- Container Security: Implement and enforce security best practices for containerization within AWS ECS and ECR environments, focusing on secure configurations, image scanning, and robust access control measures.
- Vulnerability Management: Lead the coordination and management of vulnerability scanning and remediation efforts across the application stack, encompassing the codebase, containers, and AWS infrastructure.
- Penetration Testing: Conduct thorough penetration testing on products and systems, including web applications and services, to identify and exploit security flaws.
- Cross-functional Collaboration: Participate in triage calls with cross-functional teams and effectively communicate vulnerability details, risks, and potential impacts to stakeholders.
Requirements:
- Over 3-5 years of hands-on experience in application security.
- Advanced proficiency in tackling technical challenges independently.
- Basic understanding of AWS cloud technologies and environments.
- Familiarity and experience with tools like Snyk, Veracode, Gitleaks, and Burp Suite will be an added advantage.
- Strong knowledge of web application frameworks (such as OWASP) and CI/CD frameworks.
- Experience with scripting languages (e.g., Python, JavaScript, PowerShell, Ruby, PHP) to develop custom scripts.
- Familiarity with shift-left tools and application security workflows.
- Excellent collaboration skills to work with cross-functional teams towards shared goals.
- Excellent written and verbal communication skills.
- Bachelor’s degree in Information Technology, Computer Science, or equivalent practical experience.