Application Security Engineer job at Cellulant Corporation
Website :
659 Days Ago
Linkedid Twitter Share on facebook

Vacancy title:
Application Security Engineer

[ Type: FULL TIME , Industry: Information Technology , Category: Computer & IT ]

Jobs at:

Cellulant Corporation

Deadline of this Job:
14 February 2023  

Duty Station:
Within Kenya , Nairobi , East Africa

Summary
Date Posted: Wednesday, February 01, 2023 , Base Salary: Not Disclosed

Similar Jobs in Kenya
Learn more about Cellulant Corporation
Cellulant Corporation jobs in Kenya

JOB DETAILS:

JOB DESCRIPTION:
Application Security Engineers work closely with development teams, product managers (PM), and Quality Engineers to ensure that Cellulant’s products are secure. As an application security engineer, you will be required to set security controls and design requirements during the software creation and development stage of the software lifecycle. You will also be required to lead the integration of these designs into the software.
In this position, you are a passionate and talented application security engineer with a very deep understanding of OWASP, CWE 25, Data Protection, Access management software vulnerabilities, and best practices design and threat modeling skills who can work in a dynamic environment. You must be dedicated to able to work with developers in producing secure code in short time frames and be willing to go beyond the standard routine.
You will work closely with Software Engineers, DevOps Engineers, Software Quality Engineers and Product Managers within existing product teams to deliver high-quality software releases.

CORE RESPONSIBILITIES:
Performing security-focused code reviews.
• Supporting and consulting with product and development teams in the area of application security, including threat modeling and application security reviews.
• Assisting teams in reproducing, triaging, and addressing application security vulnerabilities.
• Assisting in the development of security processes and automated tooling that prevent classes of security issues.
• Leading both critical and regular security releases.
• Leading application security reviews and threat modeling, including code review and dynamic testing.
• Leading the development of automated security testing to validate that secure coding best practices are being used.
• Guiding and advising product development teams as SMEs in the area of application security.
• Developing security training and socializing the material with internal development teams.
• Participating and assisting in initiatives to holistically address multiple vulnerabilities found across our product spectrum

QUALIFICATIONS & EXPERIENCE:
Must have experience:
• 3-5 Years of Experience in Application Security, SSDLC, and Threat Modelling with an MS/BS degree in Information System Management / Computer Science / Information Security or a related technical discipline with at least 2 years of Software Development experience.
• MUST have a deep understanding of OWASP Top 10 and CWE 25; with a proven track record and experience in implementing and integrating remediation strategies.
• Well-versed in application design, penetration testing, application risk assessment, and risk categorization.
• Experience in managing application security testing tools like SAST, DAST and Open Source Vulnerability Scanning.
• Solid problem-solving and analytical skills; able to quickly digest any issue/problem encountered and recommend an appropriate solution.
• Able to work well with software engineering teams.
• Experience identifying security issues through code reviews.
• Excellent and professional communication skills (written and verbal) with an ability to articulate complex topics in a clear and concise manner.
• Familiarity with some common security libraries and tools (e.g. static analysis tools, proxying / penetration testing tools).
• Familiarity and ability to explain common security flaws and ways to address them (e.g. OWASP Top 10).
• Good development or scripting experience and skills. Java, Springboot, JavaScript, and/or Python are preferred.
• A basic understanding of network and web-related protocols (such as TCP/IP, UDP, HTTP, HTTPS, protocols).
• CICD (Continuous Integration Continuous Development) – Circle CI, Jenkins, GitHub
• Must be a self-starter, able to work under pressure and with limited supervision both individually and with other team members

Experience that will count in your favor:
• Experience working in Agile teams
• Experience in Linux operating systems
• Excellent organization and time management skills and ability to work independently with minimal supervision
• Must be able to work in a fast-paced environment and manage priorities and multi-task.

Work Hours: 8


Experience in Months: 36

Level of Education:
Bachelor Degree

Job application procedure

Interested and qualified? Click here to apply


All Jobs

QUICK ALERT SUBSCRIPTION

Job Info
Job Category: Computer/ IT jobs in Kenya
Job Type: Full-time
Deadline of this Job: 14 February 2023
Duty Station: Nairobi
Posted: 01-02-2023
No of Jobs: 1
Start Publishing: 01-02-2023
Stop Publishing (Put date of 2030): 01-02-2067
Apply Now
Notification Board

Join a Focused Community on job search to uncover both advertised and non-advertised jobs that you may not be aware of. A jobs WhatsApp Group Community can ensure that you know the opportunities happening around you and a jobs Facebook Group Community provides an opportunity to discuss with employers who need to fill urgent position. Click the links to join. You can view previously sent Email Alerts here incase you missed them and Subscribe so that you never miss out.

Caution: Never Pay Money in a Recruitment Process.

Some smart scams can trick you into paying for Psychometric Tests.