Senior Application Security Engineer
Corsearch has more than 1500 team members serving over 5,000 clients on five continents, and we’re growing and changing rapidly. We are a fantastic company to work for — with great benefits, growth opportunities, and a terrific internal culture — and we truly believe that its people who make us thrive. Every day, we are transforming ourselves into a better partner for our customers, a better employer for our colleagues, and a better investment for our owners.
About You
- Strong desire to always learn new technologies, techniques, and tools. You are excited about being an expert in this challenging field.
- Have an interest in embedding security into the fabric of an organization and infrastructure.
- A strategic thinker who can translate vision into tactical execution with good decision making and project management skills.
- Innate ability to effectively prioritize work in a highly dynamic work environment.
- Has a proven record of driving change and moving people off their comfort zone
- A proactive nature to make data-driven decisions and participate in complex initiatives from conception to deployment.
- You have natural ability to proactively reach out and facilitating communications between various teams to get the job done. Our responsibilities are cross-functional and cross-departmental.
The Responsibilities
- Ensure that our applications, software and infrastructure is designed and implemented to the highest security standards.
- Perform security assessments, design reviews, security audits, risk analysis, application-level vulnerability testing and security code-reviews on a wide variety of Corsearch environments.
- Lead application security reviews and threat modeling, including code review and dynamic testing.
- Analyze software designs and implementations from a security perspective and will subtle application security issues that appear under unexpected threat scenarios.
- Perform security assessments, security code audits, design reviews and threat modeling of applications
- Lead in development of automated security testing to validate that secure coding best practices are being used.
- Own and perform application security vulnerability management in addition to facilitating the preparation of security releases.
- Guide and advise product development teams as SMEs in the area of application security.
- Conduct research to identify new attack vectors against Corsearch products and services.
Your Experience:
- Extensive experience in Application Security or closely related field
- Extensive experience working in a agile software development environment
- Extensive experience with public cloud services including AWS, GCP and Azure
- Extensive experience in both cloud-native (Kubernetes) and on-premise applications
- Extensive experience in Atlassian tools including Jira and Confluence
- Strong experience automated DevSecOps type methodologies and CI/CD tools following Secure by Design principles
- Strong experience with SAST, DAST, SCA, and manual testing application security tools
- Strong interpersonal skills & communication skills; you should be an ambitious teammate with strong analytical, problem solving, debugging and troubleshooting skills
- Strong organization, time management and project management skills
- Familiarity with OWASP ASVS and similar frameworks