Middle Application Security Engineer
at Epam Systems
Desde casa, Cauca, Colombia -
Start Date | Expiry Date | Salary | Posted On | Experience | Skills | Telecommute | Sponsor Visa |
---|---|---|---|---|---|---|---|
Immediate | 27 Aug, 2024 | USD 200 Annual | 28 May, 2024 | 2 year(s) or above | Application Security,C++,Code Review,Python,Technical Documentation,Algorithms,Kubernetes,Technology,Security Certification,Gwapt,Threat Modeling,Oscp,Communication Skills,Languages,Databases,Gpen,Secure Coding,Security Testing,Data Structures | No | No |
Required Visa Status:
Citizen | GC |
US Citizen | Student Visa |
H1B | CPT |
OPT | H4 Spouse of H1B |
GC Green Card |
Employment Type:
Full Time | Part Time |
Permanent | Independent - 1099 |
Contract – W2 | C2H Independent |
C2H W2 | Contract – Corp 2 Corp |
Contract to Hire – Corp 2 Corp |
Description:
EPAM is a leading global provider of digital platform engineering and development services. We are committed to having a positive impact on our customers, our employees, and our communities. We embrace a dynamic and inclusive culture. Here you will collaborate with multi-national teams, contribute to a myriad of innovative projects that deliver the most creative and cutting-edge solutions, and have an opportunity to continuously learn and grow. No matter where you are located, you will join a dedicated, creative, and diverse community that will help you discover your fullest potential.
We’re seeking an Application Security Engineer to join our remote team.
Your main task will be to safeguard our Customer’s information systems’ confidentiality, integrity, and availability. You’ll employ various security tools and technologies to secure applications and gaming systems. If you’re always one step ahead of cyber threats and have a passion for security, we’d love to connect with you!
REQUIREMENTS
- A minimum of 2 years’ experience in Information Security principles, technology, and control processes
- Development experience in languages such as Python, C++, Golang/Rust
- Expertise in application security, code review, DAST (Dynamic Application Security Testing), and SAST (Static Application Security Testing)
- Experience with Secure Coding and AppSec frameworks (OWASP Guide, SANS CWE Top 25, CERT Secure Coding)
- Practical experience in implementing secure SDLC practices
- Solid understanding of DevOps principles, Docker container security, and Kubernetes
- Experience in working with and setting up services on AWS infrastructure
- Experience in threat modeling and implementing security testing methodologies like OWASP Top 10
- Understanding and application of concepts such as algorithms, data structures, OOO design, databases
- CEH and Offensive Security Certification (OSCP, GPEN, or GWAPT)
- Excellent communication skills, both oral and written, including report writing and technical documentation
- English fluency with an Upper-Intermediate level of proficiency
Responsibilities:
- Application security assessments on internal and external applications, along with defining and updating application security methodology
- Keeping up-to-date with secure coding best practices and aiding with static/dynamic code analysis
- Designing, creating, testing, documenting, deploying, and maintaining new automation, capabilities, and security services for the InfoSec team
- Staying informed about Customer’s applications and their security stance
- Defining and developing InfoSec training on web-based exploits/tools and corresponding mitigation techniques
- Collaborating with cross-functional teams to devise complex solutions
REQUIREMENT SUMMARY
Min:2.0Max:7.0 year(s)
Information Technology/IT
IT Software - Network Administration / Security
Software Engineering
Graduate
Proficient
1
Desde casa, Colombia