Application Security Engineer

6 days ago Be among the first 25 applicants

Direct message the job poster from DefensePoint

We are seeking an Application Security Engineer to join a leading company in the AppSec industry and work on an exciting project. This is a well-paid remote role that offers an exceptional opportunity for growth and becoming an expert in application security.

Responsibilities:

• Perform different kinds of security assessments of customer applications. Including penetration testing, Threat Modeling and Secure Code Review.
• Analyze applications and generate vulnerability reports containing effective mitigation strategies.
• Analyze code security scan results, like SAST and DAST reports.
• Work together with customers to customize and tailor software security solutions to their environment.
• Collaborate with vendors in the community to identify and address flaws in software projects.
• Configure and enhance a DAST tool for multiple web application contexts.
• Work alongside the engineering team to share knowledge and insights on various aspects of application security.
• Help enable the secure development of new features for customer applications.

Your profile:

• At least 1 year of experience in application security or security research, demonstrating a strong understanding of application security attacks, vulnerabilities, and mitigation techniques.
• Strong knowledge in common Web Application security vulnerabilities (OWASP TOP10, SANS 25, etc.).
• At least 1 year of experience with Penetration Testing and Secure Code Reviews.
• Proficiency in 2-3 programming languages, such as Java, C#, Go, JS, Python, PHP, Ruby, etc.
• Language-agnostic approach to vulnerability identification in source code, capable of reading and identifying vulnerable parts in multiple programming languages.
• Knowledge of computer networks and cloud infrastructure.
• Excellent written and verbal communication skills in English.
• Customer-centric mindset.

Nice to Have:

While not mandatory, the following qualifications are desirable:

• BSc or BA in Cyber Security, Computer Science or a related field.
• Experience working with development teams.
• Previous experience with bug bounty research or published advisories/exploits for discovered 0day vulnerabilities in applications.
• Experience with Threat Modeling and Architecture Reviews of web applications.
• Knowledge of Secure Software Development Life-Cycle requirements.

What We Offer:

• Opportunity for Growth: We are committed to enabling your professional development, allowing you to grow and excel in your career.
• Expertise Development: We encourage individuals who are eager to challenge themselves and become experts in application security.
• Focus on Learning and Achievement: As part of a company dedicated to application security, you will have a unique environment where you can truly focus on learning, growth, and achieving your goals.
• Advancement Opportunities: We offer a genuine opportunity to advance in the field of Application Security. As you progress, you can aspire to become a Senior Engineer or even a Team Lead in our disruptive and forward-thinking company.

If this role excites you but you are concerned about not meeting all the requirements, please submit your application anyway. We would love to connect with you!

Join our team today and be a part of our journey to reshape the Application Security industry. Apply now!

Our recruiting process consists of...

• Send us your updated CV
• First interview (30 min)
• Technical Assessment
• Second interview (30 min)
• Offer
• Contract signing

• Seniority level
  Entry level

• Employment type
  Full-time

• Job function
  Engineering and Information Technology
• Industries
  Computer and Network Security

Referrals increase your chances of interviewing at DefensePoint by 2x

Get notified about new Application Security Engineer jobs in Brazil.

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.