Application Security Engineer

Strong knowledge of secure application design, including security protocols, encryption, authentication/authorization mechanisms, and Web Application Firewall (WAF) implementation. Solid understanding of the Secure Software Development Lifecycle (SSDLC) and its key phases. Proven experience in identifying security issues through manual and automated code reviews, with the ability to recommend effective mitigations. Familiarity with programming languages such as Java, Python, .NET, and JavaScript. Hands-on experience with Software Composition Analysis (SCA) and Static Application Security Testing (SAST) tools (e.g., Snyk) and designing remediation strategies. Basic understanding of networking and web protocols (TCP/IP, UDP, HTTP/S, etc.). Experience working collaboratively with development teams and cross-functional stakeholders. Experience in working in an international environment with a geographically spread team. Experience in working in a global Security function using well-defined processes and standards. Minimum of 5-10 years of experience in cyber security. Provide security architecture and design guidance for internal systems and externally facing products (e-commerce platforms, web applications, and custom-developed solutions). Conduct and support application security assessments, including threat modeling, code reviews (manual and automated), SAST, and SCA. Lead and manage application security vulnerability management processes. Contribute to security incident investigations, offering support and remediation guidance. Continuously monitor and stay informed on emerging threats, vulnerabilities, and best practices in application security. Deliver training and awareness programs to development teams on secure coding practices and application security principles.