AppSec Engineer
Posted 1ds ago
Job Description
The AppSec Engineer ensures security across the software development lifecycle. The role involves vulnerability management and secure software development for an e-commerce company.
Responsibilities:
- Manage and operate application security and code vulnerability tools (e.g., SAST, DAST, dependency scanning, container security).
- Identify, analyze, and validate vulnerabilities discovered in source code, applications, containers, and external attack surface.
- Support and oversee vulnerability discovery activities, including:
  - Automated scanning tools
  - Bug bounty findings
  - Manual testing results (where applicable)
- Coordinate and support vulnerability remediation with development teams.
- Manage and improve the Secure Software Development Lifecycle (SSDLC).
- Review and manage the handling of secrets and sensitive data using tools such as HashiCorp Vault.
- Perform security reviews of external libraries, dependencies, and supply chain components.
- Support security testing tools such as OWASP ZAP, Acunetix, Burp Suite, SonarQube, Outpost24 EASM, and container scanning solutions.
- Correlate findings from multiple security tools and prioritize remediation based on risk.
- Ensure vulnerabilities are properly tracked, documented, and managed through Jira tickets.
- Validate that remediation actions are correctly implemented before closing tickets.
- Contribute to defining security standards, guidelines, and best practices for developers.
- Document new procedures or update existing ones related to application and development security.
- Ensure documentation is accurate, comprehensive, and delivered on time.
- Collaborate with SOC, IAM, and SIEM engineers when vulnerabilities or incidents overlap domains.
- Create reports and metrics related to vulnerabilities, remediation status, and SSDLC effectiveness.
- Engage in ongoing training and professional development to stay current with emerging threats, vulnerabilities, and secure development practices.
- Share knowledge and expertise with development and security teams to foster a culture of secure-by-design development.
- Adhere to the organization's different policies.
- Keep your work organized and traceable through tickets (Jira).
Requirements:
- A five-year university degree or a four-year college diploma, preferably in computer science, telecommunications, or another related academic field, or equivalent work experience, is required.
- At least 2 years of work experience in application security, DevSecOps, or similar roles.
- Hands-on experience identifying and managing code and application vulnerabilities.
- Experience working with vulnerability scanning tools for:
  - Source code
  - Web applications
  - Containers and dependencies
- Understanding of the Secure Software Development Lifecycle (SSDLC).
- Experience collaborating with development teams on vulnerability remediation.
- Familiarity with secrets management and secure configuration practices.
- Strong analytical and problem-solving skills.
- Ability to work independently and as part of the Information Security Team under minimal supervision.
- Eager to learn and continuously improve security practices.
- Good documentation and reporting skills.
- Technical skills:
  - Solid foundations in networking, application architectures, and cybersecurity.
  - Ability to understand application flows, APIs, and common vulnerability patterns.
Benefits:
- 22 days of annual leave.
- 10 days of national holidays.
- Health Insurance options.
- Access to e-learning platforms.
- Possibility of on-site English classes in some countries, and more.













