Application Security Engineer Job in Cochin at ZOG Global

ZOG Global is hiring for the role of Application Security Engineer!

Responsibilities of the Candidate:

• Conduct regular SAST scans to review and analyse the source code of applications built using Python and React.
• Perform DAST scans on applications to identify security issues related to runtime behaviour and configurations.
• Collaborate with software development teams to integrate security best practices into the SDLC.
• Provide guidance and training to developers on secure coding practices.
• Perform security assessments and risk assessments on applications to identify and prioritise vulnerabilities.
• Develop and maintain security testing procedures and tools.
• Stay up to date with the latest security threats and trends to adapt and evolve security strategies.
• Perform security assessments and penetration testing as necessary to enhance the overall security posture.
• Maintain documentation of security findings, remediation efforts, and improvements made to the application security program.
• Assist in incident response and post-incident analysis as required.
• Collaborate with cross-functional teams to raise security awareness and promote a security culture.

Requirements:

• Minimum of 2 years of experience in application security.
• Strong proficiency in static and dynamic code analysis using Python and React.
• Hands-on experience with security testing tools, including SonarQube, OWASP ZAP, Burp Suite, Black Duck, or similar.
• Familiarity with container scanning tools such as Anchore, Aqua Security, Palo Alto, Qualys, or similar.
• Solid understanding of application security principles and best practices.
• Familiarity with OWASP Top Ten and common web application vulnerabilities.
• Experience with scripting and automation for security testing.
• Proficiency in AWS and Azure cloud-native security tools.
• Excellent communication skills to convey security issues to technical and non-technical stakeholders.
• Relevant security certifications (e.g., OSCP, CEH, or related) are a plus.
• Bachelor’s degree in computer science, information security, or a related field is preferred.