Associate DevSecOps/Application Security Engineer

Job Summary

Required Qualifications

• A graduate of any IT related courses (Fresh graduates are welcome to apply)
• Development and/or security-related experience with web applications, web services, and mobile applications including at least 2 of the following core languages: .NET, Java, Angular, NodeJS, Python
• Understanding of cloud security concepts and architectures (AWS, Azure)
• Understanding of web application frameworks and protocols (HTTP, SSL/TLS, OAuth, etc.)
• Understanding of network security principles, including firewalls, IDS/IPS, and secure network protocols (e.g., SSL/TLS)
• Understanding of legal and regulatory requirements related to cybersecurity, privacy, and data protection laws
• Knowledge of web application security concepts (SQLi, XSS, CSRF)
• Experience with DevOps practices and tools (CI/CD pipelines, Github, Teamcity, Jenkins, Snyk, Contrast, Kubernetes)
• Knowledge of Application Security frameworks such as OWASP, CIS controls
• Proficiency in application security tools (SAST, RASP, IAST)
• Ability to communicate risk and remediation actions to management
• Excellent analytical, presentation, and communication skills
• Results-oriented, high energy, self-motivated
• Excellent leadership, teamwork, and client service skills