Description
NXT GIG is seeking a talented Application Security (AppSec) Engineer to join our dedicated security team. In this role, you will be responsible for integrating security into the software development lifecycle (SDLC), ensuring that our applications are secure from the ground up. You will work closely with development teams to identify vulnerabilities, perform security assessments, and implement security best practices throughout the development process. Your expertise will be critical in enhancing our application security posture and ensuring compliance with industry standards and regulations. If you have a passion for application security and enjoy working in a collaborative environment, we invite you to apply and be part of our innovative team at NXT GIG.
Responsibilities
- Conduct security assessments and penetration testing on applications to identify and mitigate vulnerabilities.
- Collaborate with development teams to embed security practices into the SDLC and provide security guidance during design and implementation.
- Develop and maintain application security policies, standards, and best practices.
- Implement automated security testing tools and processes to ensure continuous security validation.
- Monitor and respond to security incidents related to applications, providing thorough reports and recommendations for remediation.
- Stay informed about the latest security threats, vulnerabilities, and trends in application security.
- Provide training and awareness programs for developers on secure coding practices and application security principles.
Requirements
- Bachelor's degree in Computer Science, Cyber Security, or a related field.
- Proven experience as an Application Security Engineer or in a similar role focused on application security.
- Strong understanding of application security principles, threats, and vulnerabilities.
- Experience with security testing tools (e.g., SAST, DAST, IAST) and code review methodologies.
- Familiarity with secure coding practices and frameworks (e.g., OWASP Top Ten, secure SDLC methodologies).
- Excellent analytical and problem-solving skills with keen attention to detail.
- Relevant certifications (e.g., CSSLP, OSCP, or similar) are a plus.