Solidigm is hiring an

Application Security Engineer

Zapopan, Mexico
Full-Time

As an Application Security Engineer, you will be an integral part of our technology team, focusing on enhancing the security posture of our software development lifecycle (SDLC). Your role will be crucial in conducting Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and specializing in Black Duck testing to support our engineering and DevOps teams.

Key Responsibilities:

 

  • Design and develop application security controls focusing on authentication, authorization, access control, secrets management, logging, and monitoring based on enterprise cyber capabilities such as Okta, CyberArk, SailPoint and Splunk.
  • Perform implementation and operations of SAST (Klocwork, Coverity, Fortify SCA, Clang) and DAST (WebInspect, Invicti, Checkmarx, BurpSuite) to identify and mitigate security vulnerabilities.
  • Conduct thorough security assessments and validations to ensure the effectiveness of implemented controls.
  • Serve as the go-to person for facilitating the implementation of application security controls in all in-house developed applications, SaaS solutions, and vendor-developed/hosted applications.
  • Work closely with cross-functional teams to remediate identified vulnerabilities and enhance overall application security posture.
  • Stay abreast of the latest industry trends, emerging threats, and advancements in application security.
  • Ensure compliance with industry standards, guidelines and best practices such as OWASP (Open Web Application Security Project) and SANS.
  • Conduct regular assessments and audits to verify adherence to OWASP standards and address any identified gaps.
  • Collaborate with incident response teams to investigate and mitigate security events related to application security.
  • Foster strong partnerships with development teams, IT operations, and other relevant stakeholders to promote a culture of security awareness and collaboration.
  • Communicate complex security concepts effectively to both technical and non-technical audiences.
  • Proven experience in application security with a focus on authentication, authorization, access control, secrets management, logging, and monitoring.
  • Industry-standard certifications such as CISSP, CSSLP, Certified Ethical Hacker (CEH), or equivalent.
  • Security vendor certifications such as Checkmarx, Coverity, Klocwork, BurpSuite, WebInspect and Fortify SCA.
  • In-depth understanding of OWASP guidelines and best practices.
  • Strong programming/scripting skills in Python and PowerShell, and familiarity with modern development frameworks.
  • Excellent communication and interpersonal skills.