Senior Application Security Engineer
at EPAM Systems
Magyarország, Hungary
| Start Date | Expiry Date | Salary | Posted On | Experience | Skills | Telecommute | Sponsor Visa |
|---|---|---|---|---|---|---|---|
| Immediate | 15 Feb, 2025 | Not Specified | 18 Nov, 2024 | 2 year(s) or above | Analytical Skills, Communication Skills, Writing, GitHub, Software Development, Application Security | No | No |
Description:
EPAM is a leading global provider of digital platform engineering and development services. We are committed to having a positive impact on our customers, our employees, and our communities. We embrace a dynamic and inclusive culture. Here you will collaborate with multi-national teams, contribute to a myriad of innovative projects that deliver the most creative and cutting-edge solutions, and have an opportunity to continuously learn and grow. No matter where you are located, you will join a dedicated, creative, and diverse community that will help you discover your fullest potential.
EPAM is looking for an experienced Senior Application Security Engineer to support our clients in improving their security posture.
You will work together with various security and non-security teams to implement secure coding guidelines, conduct thorough code reviews, integrate SAST/DAST tools into the CI/CD pipeline and facilitate threat modeling in the software development lifecycle.
REQUIREMENTS
- 5+ years of experience in Application Security
- Strong experience with Checkmarx CxSAST or other SAST tools
- Proficiency in CxQL for writing and modifying scanning rules
- Deep understanding of SAST and its role in secure software development
- Familiarity with GitHub and integrating security scans into CI/CD pipelines
- Excellent analytical skills for interpreting scan results and improving scan accuracy
- Strong communication skills to effectively collaborate with development teams and stakeholders
- Holistic understanding of DevSecOps practices, emphasizing security integration at every phase of software development
- Fluent English communication skills at a B2+ level
Responsibilities:
- Conduct security reviews and threat modelling, and review penetration test results for applications
- Collaborate with software developers and other stakeholders to remediate security vulnerabilities
- Develop and implement automated security testing tools and procedures to identify security issues
- Integrate security tools, standards, and processes into the secure software development lifecycle (SSDLC)
- Stay updated on the latest security threats and ensure our scanning rules evolve accordingly
- Educate and train developers on security best practices and security awareness
- Define and lead the security strategy and roadmap for application development
- Optimize and customize SAST processes to align with application security requirements
- Deeply understand and advocate for SAST methodologies, explaining the how and why behind their use in the development lifecycle
- Collaborate with developers to integrate SAST tools seamlessly into their workflows and CI/CD pipelines
REQUIREMENT SUMMARY
Min: 2.0, Max: 5.0 year(s)
Information Technology/IT
IT Software - Network Administration / Security
Software Engineering
Graduate
Proficient
1
Magyarország, Hungary