By using this web site you accept our use of cookies. More information about cookies
Accept
Infopulse - Expert Software Engineering, Infrastructure Management Services
By using this web site you accept our use of cookies. More information about cookies
Accept
Infopulse - Expert Software Engineering, Infrastructure Management Services
Infopulse - Expert Software Engineering, Infrastructure Management Services
reCAPTCHA
Send message Please fill in this quick form and we will send you a free quote shortly.
* Required fields
Your privacy is important to us. We will never share your data.
Subscribe to our updates Be among the first to get exclusive content on IT insights, innovations, and best practices.
* Required fields
Your privacy is important to us. We will never share your data.
Subscribe to our New career opportunities Please fill in this quick form to be among the first to receive our updates.
* Required fields
Your privacy is important to us. We will never share your data.
reCAPTCHA
* Required fields
Your privacy is important to us. We will never share your data.

Photo of Ivan Dziubyshyn Send an email to Ivan Dziubyshyn Please fill in this quick form to contact our expert directly.
* Required fields
Your privacy is important to us. We will never share your data.
Download ebook Please fill in this quick form
* Required fields
Your privacy is important to us. We will never share your data.
Apply for the career opportunity Please fill in the form below to apply for the career opportunity.
* Required fields
Your privacy is important to us. We will never share your data.
Read the Full Case Study Don't miss the most interesting part of the story!
Submit this quick form to see the rest and to freely access all case studies on our website.
* Required fields
Your privacy is important to us. We will never share your data.
Infopulse - Expert Software Engineering, Infrastructure Management Services

Application Security Engineer (9927)

Location: Remote Ukraine  |  April 29, 2021

The security specialist will be collaborating closely with our Application Development, DevOps and Production Support teams with a focus on defining processes and standards, ensuring that corporate requirements and best practices are implemented in SDLC. In this role, the specialist will collaborate closely with all our internal and our customer’s development teams to ensure adherence to security policies, processes and standards, provide information security recommendations and guidance in order to identify, manage, and mitigate security risks.

The applicant will have a strong knowledge of application security and data protection, demonstrate competencies in legacy and modern web application development, data protection and privacy, application architecture and frameworks, application security industry best practices, application vulnerability types, threat vectors and remediation approaches, development methodologies, application security testing tools, familiarity with APIs for integration, process documentation, and vulnerability management.

Areas of Responsibility

  • Perform threat modelling, risk assessment, secure design and source code review for applications
  • Perform system and application security requirements review, definition and clarification
  • Collaborate closely with development teams to assess the security posture/risk of the product features being developed and help integrate the best security practices into their development processes and source code security review
  • Support the application team as well as development teams to design and implement processes and/or tools for secure code reviews and security testing
  • Develop abuse use cases for project-related security testing in alignment with the security requirements objectives
  • Perform targeted security tests to assist in detection and remediation validation of security relevant defects and vulnerabilities
  • Conduct application security assessments, contribute to the security enhancement of the Systems Development Life Cycle (SDLC), provide actionable security recommendations for the development of various types of applications: web, mobile, embedded, etc.
  • Recommend security solutions, develop and implement security and compliance tools in support of security analysis processes
  • Incorporate security tools/tasks into automated product development and deployment lifecycles (SAST/DAST/IAST integration into CI/CD pipeline)
  • Implement security culture, tools and processes into software development environment
  • Collaborate closely with product and platform teams to design and implement security controls and best practices
  • Provide secure application development training to developers
  • Develop and maintain a balanced application security programm based on a well-defined application security framework
  • Stay current with security industry trends and implement best practices within Secure SDLC
  • Investigate and pilot commercial and open-source application security tools
  • Participate in the development of corporate documents on system and application security
  • Develop corporate documents, technical reports, metric reporting and security related presentations

Qualifications

  • Bachelor’s or Master’s degree in computer science or related field or equivalent experience, depending on the role level
  • 5+ years of experience with application security architecture with expertise in applying secure software development methods within the SDLC, designing and building secure software systems
  • Solid understanding of fundamental application security building blocks such as authentication, authorization, data validation, encryption and security assurance
  • Strong familiarity with application security concepts/standards/laws/best practices (e.g. OWASP, NIST, CIS, ISO 15408, ISO 27xxx, PCI DSS, EU GDPR)
  • Experience of mentoring, advising or guiding teams to follow architectural or security best practices
  • Experience of conducting security code review, application threat modelling and security risk assessment
  • Understanding of the TCP/IP Stack, web application architecture, encryption fundamentals and OWASP Top 10
  • Strong desire to grow in both engineering and security expertise
  • Good knowledge of software development processes, integration of security assessments in Software Development Life Cycle (SDLC) process
  • Understanding of Agile/DevOps principles
  • Familiarity with code reviews, application security tools and techniques
  • In-depth, hands-on understanding of application architectures and technology (including web applications, mobile technology, identity and access management)
  • Experience of performing application security assessments such as threat modelling, security testing, vulnerability management and remediation
  • Experience with or knowledge of security testing tools such as SAST or DAST
  • Good understanding of at least two of the following programming languages (i.e. the ability to understand the issue by looking at code snippets): C#, C++, Java, Python, JS
  • Experience with Microsoft Cloud Security
  • Knowledge of vulnerability management and security testing tools such as Acunetix, Nessus, Nmap, Burp, ZAP, Kali Linux

Will be an advantage

  • Experience in application development, secure coding and scripting languages for automation
  • Experience with architecture security design and review

Personal Skills

  • Strong analytical and problem-solving skills
  • Ability to research, analyze and resolve complex problems with minimal supervision and escalate issues as appropriate
  • Strong ability to learn and research new things, including tools, languages, frameworks, etc.
  • Self-starter; ability manage multiple tasks according to priorities; result-oriented mindset and proven ability to meet deadlines
  • Strong interpersonal skills
  • Experience of evaluating and selecting toolsets
  • Excellent documentation skills
  • Able to work independently or with a team
  • Able to multi-task and consistently deliver to deadlines
  • Excellent communication skills: presentation, written and verbal
Subscribe to our New career opportunities