UST

Application Security Specialist – SAST & DAST

Pune, MH, IN

4 days ago

Summary

Role Description

We are looking for a skilled Cybersecurity Engineer – Application Security to join our growing security team. The ideal candidate will have a strong background in secure software development practices and be proficient in implementing and managing SAST and DAST tools to identify and remediate application vulnerabilities. You will play a key role in securing applications across the SDLC and supporting development teams with security best practices.

Key Responsibilities

  • Perform static and dynamic application security testing (SAST/DAST) to identify vulnerabilities in web, mobile, and cloud-native applications.
  • Integrate SAST and DAST tools into CI/CD pipelines and ensure automation of security checks.
  • Collaborate with development, DevOps, and QA teams to define secure coding standards and assist in remediating identified vulnerabilities.
  • Conduct threat modeling and security design reviews of new and existing applications.
  • Monitor and manage security scanning tools, configure rules, and maintain reports and dashboards.
  • Triage findings from scans, prioritize based on risk, and provide actionable remediation guidance.
  • Stay up to date on the latest application security threats, vulnerabilities, tools, and industry best practices.
  • Support internal and external audits and compliance efforts related to application security.
  • Own and maintain day-to-day Security Operations: monitoring, observability, triage, resolution, improvements, internal investigations, incident response ownership and execution, ownership and execution of internal and external penetration testing, the annual NIST evaluation, application scans, and participation in 24x7 security support.

Required Skills & Qualifications

  • 3+ years of experience in application security or software security engineering.
  • Hands-on experience with SAST tools (e.g., SonarQube, Fortify, Veracode) and DAST tools (e.g., OWASP ZAP, Burp Suite, Acunetix).
  • Strong understanding of software development lifecycles (SDLC) and secure coding practices (OWASP Top 10, CWE).
  • Experience with vulnerability management and triage.
  • Strong analytical, problem-solving, and communication skills.

Skills

Application Security, SAST, DAST
