Application Security Engineer

Kairos Technologies Private Limited
Hyderabad / Secunderabad
6 - 10 Years
Not Specified

Job Description


The Role:
The senior application security engineer will be a senior member of the Application Security team and will lead key initiatives for the firm. In this role, the individual will use their deep experience with application security and will contribute towards building the application security roadmap. In addition, they possess a solid understanding of web application firewalls (WAF) and other perimeter security controls such as bot detection, DDoS, etc. An understanding of key application security concepts such as authentication, authorization, encryption, and key management is highly desirable.
The individual will be responsible for managing the WAF product for the firm. This includes administration, rules management and analysis of events.
The individual will also interact with businesses on a regular basis and will generate appropriate KPIs/KRIs to discuss the effectiveness and status of the program.
Key Responsibilities:
• Strong background in application security and well informed on key application security controls
• Extensive knowledge of managing Web Application Firewall (Product) including rules management and product administration
• Extensive knowledge of web technologies and concepts including APIs, microservices, etc.
• Expertise in advising tech teams on application security vulnerability remediation
• Strong understanding of networking concepts
• Proven ability to understand and analyze highly complex issues, then apply experience and judgment to develop sound recommendations related to application and security event identification and resolution
• Strong organization skills with high attention to detail.
• Able to work independently with minimal supervision
• Excellent communication skills – written, verbal, presentation and interpersonal
• Willing to learn new skills and implement new technologies
Essential Key Responsibilities (% of Time)
1. Administer the WAF product for the firm and onboard all key assets (35%)
2. Manage the WAF rules and interact with the business to identify any custom rule requirements (20%)
3. Work with the other appsec members to validate the effectiveness of the control (10%)
4. Work with the security operations and technology teams to analyze the WAF events and to perform root cause analysis of security incidents (20%)
5. Manage application security projects to address continuous risk and threats and to reduce vulnerability exposure for the firm (15%)
Notes:
• This is not an exhaustive list of all functions or responsibilities the employee may be required to perform; the employee may be required to perform additional functions as necessary
• Dun & Bradstreet reserves the right to revise the job description at any time
• Employment with the Company is at will (where applicable)
Education/Experience and Competencies
List the knowledge, skills, abilities, physical abilities, experience, licenses, training, educational requirements, etc. required for the position. These are not functions but rather the attributes an individual must possess in order to be qualified for the position.
1. Bachelor’s degree
2. 10+ years of working experience in cyber security, preferably in application security, secure SDLC and application development
3. Solid experience in managing web application firewalls, preferably Akamai
4. Working knowledge of the Microsoft Security Development Lifecycle (SDL), OWASP Software Assurance Maturity Model (SAMM), or Building Security in Maturity Model (BSIMM).
5. Strong technical acumen, communication and influence skills to demonstrate effectiveness of different application security initiatives
6. Solid understanding of: OWASP Top 10, NVD, CVSS scoring, application assessments
