Resumen del rol

Application Security Engineer

Requisitos y responsabilidades

Contenido del rol extraído en secciones para revisar más rápido.

Application Security

  • Implement and maintain security controls for web and API applications.
  • Integrate security practices into the Secure SDLC, including threat modeling and security design reviews.
  • Ensure compliance with organizational security policies and industry best practices.

Security Tool Management

  • Manage and administer vulnerability scanning tools such as Tenable or equivalent solutions.
  • Configure, optimize, and maintain scanning policies and schedules.
  • Improve scan accuracy by reducing false positives and fine-tuning security tools.

SAST & DAST Implementation

  • Deploy and manage Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) solutions.
  • Integrate security testing into CI/CD pipelines.
  • Work closely with development teams to ensure effective security testing and reporting.

Vulnerability Management

  • Identify, validate, and assess application vulnerabilities through automated and manual testing.
  • Perform risk assessments and prioritize vulnerabilities based on business impact.
  • Track remediation activities and ensure timely closure of security findings.

Security Testing

  • Conduct manual and automated security assessments of web applications and APIs.
  • Validate reported vulnerabilities and verify remediation after fixes are implemented.
  • Document findings, attack scenarios, and remediation recommendations.

Offensive Security

  • Perform manual verification of vulnerabilities using penetration testing techniques.
  • Develop proof-of-concept demonstrations when required.
  • Support security assessments and red team activities.

Required Skills & Qualifications

  • Bachelor's degree in Computer Science, Information Security, or a related field.
  • 7+ years of experience in Application Security or Cybersecurity.
  • Hands-on experience with SAST, DAST, and vulnerability assessment tools.
  • Strong knowledge of OWASP Top 10, API Security, and secure coding practices.
  • Experience integrating security tools into CI/CD environments such as Jenkins, GitHub Actions, or GitLab.
  • Familiarity with scripting languages such as Python, Bash, or PowerShell.
  • Excellent analytical, troubleshooting, and communication skills.

Preferred Qualifications

  • Experience in threat modeling and secure architecture reviews.
  • Hands-on exposure to penetration testing or red team activities.
  • Industry certifications such as OSCP, CEH, GWAPT, CSSLP, or equivalent are preferred.
Roles similares

Mantén una lista de respaldo.

Ver stack
FocoApplication Security EngineeringÁrea del rol
Señal de senioritySeniorNivel del candidato
StackCI/CD, PythonSkills principales
Ubicación1 país aceptadoElegibilidad

Stack

Usa estas tags para comparar roles remotos similares.

Elegibilidad de ubicación

Candidatos deberían aplicar solo cuando el país del perfil aparece aquí.

Tu perfilPaís no definidoInicia sesión para comparar tu país con este rol.

Flujo de contratación

WithMira muestra el rol y luego envía candidatos a la aplicación de la empresa.

1Revisa fit del rol, stack y elegibilidad de ubicación en WithMira.
2Abre la página de aplicación de la empresa desde el link rastreado.
3Guarda el rol o suscríbete a oportunidades similares antes de salir.
Aplicar en el sitio de la empresaSitio de la empresaAbrir link