Application Security Engineer

Job Summary

As an Application Security Engineer, you will be responsible for securing our software products by identifying and mitigating security risks throughout the software development lifecycle (SDLC). This role involves working closely with development, DevOps, and product teams to ensure that security is integrated into our applications from design to deployment. Your expertise will be crucial in protecting our applications from potential threats, vulnerabilities, and attacks.

Job Details

• Security Assessment: Conduct security assessments, including code reviews, vulnerability scanning, and penetration testing, to identify potential security issues within applications.
• Threat Modeling and Risk Assessment: Perform threat modeling on new and existing features to understand potential vulnerabilities and develop secure solutions.
• Collaborate with Development Teams: Work with software development and DevOps teams to integrate security best practices throughout the SDLC, promoting secure coding standards.
• Security Tools and Automation: Deploy and manage application security tools (e.g., static and dynamic analysis tools, SAST/DAST) and help automate security testing within CI/CD pipelines.
• Vulnerability Management: Monitor, track, and remediate security vulnerabilities across applications and libraries, including managing security patches and updates.
• Incident Response: Collaborate in response to application-related security incidents, analyze root causes, and implement corrective actions to prevent future occurrences.
• Security Policies and Standards: Help create and enforce application security policies, guidelines, and standards, ensuring alignment with industry standards like OWASP, NIST
• Security Training and Awareness: Educate developers on secure coding practices, organize security training sessions, and promote a security-aware culture within the organization.
• Documentation and Reporting: Maintain detailed documentation of security controls, threat models, and incident responses; report on the overall application security posture to stakeholders.

Requirements

• Bachelor’s Degree in Computer Science, Information Security, or a related field (or equivalent experience).
• Experience: 2+ years in application security, software development, or a related security engineering role.
• Technical Knowledge:
  • Strong understanding of security fundamentals, including authentication, authorization, cryptography, and secure communication.
  • Familiarity with secure coding practices and standards (e.g., OWASP Top 10).
  • Hands-on experience with application security tools (e.g., Burp Suite, Veracode, Checkmarx, or SonarQube).
  • Knowledge of CI/CD pipelines and integration of security testing tools.
• Programming Skills: Proficiency in one or more programming languages (e.g., JavaScript, PHP) with a solid understanding of secure coding principles.
• Soft Skills: Excellent communication skills, a collaborative mindset, and the ability to work with cross-functional teams.

Benefits

• Competitive salary and other benefits.
• An opportunity to play an important role in building one of the top SaaS start-ups in Africa.
• Learning and development opportunity.
• Career growth opportunity.

About Company

SeamlessHR

https://seamlesshr.com/

SeamlessHR.com Limited is an equal opportunity employer and we offer employment based on merit. We do not discriminate on the grounds of age, gender, race, disability, sexual orientation, and religion/belief. Our work environment is fun, fast-paced, dynamic and collaborative with a team of passionate and talented Seamstars. We love what we do and we work hard (we also play hard) to deliver the best technology solutions to our clients. We are driven by the following core values - Excellence, Judgment, Innovation, Communication, Candour, Selflessness, Thirst, Responsibility & Initiative. If this resonates with you, join us and be a part of our journey to building a healthy unicorn.