Application Security Engineer - Penetration Testing

As an Application Security Specialist, you will work closely with the development teams to ensure that our applications meet the defined security criteria. Your role will involve supporting the organization in designing the secure gaming platform, reviewing developed applications, and enhancing automation of security in the development lifecycle. **Key Responsibilities:** - Provide technical leadership and guidance on application security best practices, methodologies, and technologies. - Act as a trusted advisor to development teams, architects, and stakeholders, offering insights to enhance application security posture. - Design and review security architectures for applications, implementing effective security controls and countermeasures. - Conduct threat modeling exercises to identify security risks and vulnerabilities early in the development lifecycle. - Perform security assessments, code reviews, and penetration testing to identify and mitigate vulnerabilities. - Utilize industry-standard tools to assess application security posture and provide actionable recommendations. - Develop security tools, scripts, and automation workflows for security testing and monitoring. - Promote security awareness among development teams through training sessions and workshops. - Educate personnel on secure coding practices, threat mitigation techniques, and compliance requirements. - Collaborate with development teams, IT operations, project managers, and stakeholders to integrate security into the software development lifecycle. - Identify opportunities for improvement and optimization of security controls, processes, and technologies. - Stay updated on emerging threats, vulnerabilities, and security trends in the application security landscape. - Research and evaluate new security technologies, techniques, and methodologies for potential adoption. **Qualifications:** To excel in this role, you should have: - A software development background. - At least three years of experience in a similar Information Security position. - Ability to educate and influence technical audiences on Application Security matters. - Fluency in relevant development languages such as Java, C/C++, C#, Perl, PHP, Python. Experience in the following areas is essential: - Security Test Management - Application Security Assessments - Security Assurance - Requirements Management - Knowledge of major frameworks and libraries (SPRING, OSGI, ASP.NET, etc.) - Agile Development - Vulnerability management - Continuous Improvements - Penetration Testing - Security Evaluation & Functional Testing - Application Security Testing - Application Security Testing Automation - Enterprise Software - Data Analysis - Applied Research - Legal & Regulatory Environment and Compliance Desired qualifications include experience in open source projects, online gaming security, and familiarity with regulatory and industry standards like ISO27001, PCI-DSS, etc. Relevant professional certifications such as GIAC, CISA, CISM, CISSP, CEH are a plus but not mandatory. As an Application Security Specialist, you will work closely with the development teams to ensure that our applications meet the defined security criteria. Your role will involve supporting the organization in designing the secure gaming platform, reviewing developed applications, and enhancing automation of security in the development lifecycle. **Key Responsibilities:** - Provide technical leadership and guidance on application security best practices, methodologies, and technologies. - Act as a trusted advisor to development teams, architects, and stakeholders, offering insights to enhance application security posture. - Design and review security architectures for applications, implementing effective security controls and countermeasures. - Conduct threat modeling exercises to identify security risks and vulnerabilities early in the development lifecycle. - Perform security assessments, code reviews, and penetration testing to identify and mitigate vulnerabilities. - Utilize industry-standard tools to assess application security posture and provide actionable recommendations. - Develop security tools, scripts, and automation workflows for security testing and monitoring. - Promote security awareness among development teams through training sessions and workshops. - Educate personnel on secure coding practices, threat mitigation techniques, and compliance requirements. - Collaborate with development teams, IT operations, project managers, and stakeholders to integrate security into the software development lifecycle. - Identify opportunities for improvement and optimization of security controls, processes, and technologies. - Stay updated on emerging threats, vulnerabilities, and security trends in the application security landscape. - Research and evaluate new security technologies, techniques, and methodologies for potential adoption. **Qualifications:** To excel in this role, you should have: -