Application Security Specialist

Posted: posted 25 days ago

---

Job Description

Job Title: Application Security Specialist

 Location: Kolkata / Bangalore

Seeking a highly qualified Application Security Specialist to oversee and enhance the security posture of our software development initiatives. The successful candidate will be responsible for implementing robust security practices throughout the application development lifecycle, conducting vulnerability assessments, and performing penetration testing to safeguard our applications built on diverse technology stacks, including Python, Node.js, .NET, Angular, and React.

Key Responsibilities

 

•    Secure Coding Governance:

Establish, enforce, and monitor adherence to secure coding standards across all software development projects to minimize security risks.

•    Vulnerability Management:

Identify, analyze, and remediate security vulnerabilities in applications, focusing on areas such as network penetration, injection attacks, and other common exploits.

•    Penetration Testing:

Plan and execute comprehensive penetration tests to detect security weaknesses and collaborate with development teams to implement corrective measures.

•    Technical Leadership:

Leverage expertise in security tools and frameworks applicable to Python, Node.js, .NET, Angular, React, and related technologies to support secure software development.

•    Collaboration and Training:

Work closely with cross-functional teams including development, quality assurance, and operations to embed security best practices. Provide training and guidance to enhance security awareness across the organization.

•    Continuous Improvement:

Stay abreast of the latest security threats, trends, and technologies, and continuously improve security policies, tools, and processes.

Required Qualifications and Skills

•    Technical Proficiency:

Strong programming experience with Python, Node.js, .NET, Angular, and React frameworks.

•    Security Expertise:

Comprehensive knowledge of application security principles, including OWASP Top 10 vulnerabilities, network penetration methodologies, injection attacks, and secure software development lifecycle (SDLC).

•    Security Tools Experience:

Proficient in using vulnerability assessment and penetration testing tools such as static and dynamic application security testing (SAST/DAST) tools, security scanners, and related technologies.

•    Analytical Abilities:

Exceptional problem-solving skills with the ability to assess complex security issues and provide effective mitigation strategies.

•    Communication:

Excellent interpersonal and communication skills to interact effectively with technical teams and stakeholders at all levels.

Preferred Qualifications

•    Certifications such as CISSP, CEH, OSCP, or equivalent.

•    Experience working in Agile and DevOps environments.

•    Familiarity with cloud security principles and best practices.