The Job logo

What

Where

Application Security Architect (Vulnerability, Security & API)

ApplyJoin for More Updates

You must Sign In before continuing to the company website to apply.

Smart SummaryPowered by Roshi
Join our leading AI-driven Global Supply Chain Solutions Software Product Company as an Application Security Engineer. Your mission will be to create a secure architecture based on Secure By Design principles and implement DevSecOps automation tools, cryptography, and manual source code reviews. You will collaborate and educate other departments and train new staff members in application security concepts. Bring your expertise in threat modeling and SDLC to identify gaps and improve our department. Apply now!

Overview:

  • We are a leading AI-driven Global Supply Chain Solutions Software Product Company and one of Glassdoor’s “Best Places To Work”.
  • Application Security Engineer mission is to create an end-to-end to end security architecture based on Secure By Design principles and responsible for performing and determining the technology that is implemented within the application security team.
  • Provide strategic direction and subject matter expertise for wide adoption of DevSecOps automation tools, Cryptography and manual source code reviews across open source.

.

 

Scope:

  • The role of the Application Security Senior Engineer is to work closely with information technology and development staff to help implement secure systems, tools, and processes.
  • As an engineer, you will be responsible for performing and determining the technology that is implemented within the application security team.
  • Being an expert and mentor on all technologies used by the security staff, researching new security trends and improvements, getting new staff members up to speed on internal projects and new development, and providing direction and management of assigned projects.
  • Additionally, engineers will look for opportunities to collaborate and educate other departments that are impacted by application security projects and processes.

 

 

What you’ll do:

  • Implement Secure SDLC  (Analyze and design Secure architecture, Design Application based on that, prepare secure coding guidelines across projects, and also reviewed support project architecture and code on security aspects)
  • Provide strategic direction and subject matter expertise for wide adoption of DevSecOps automation tools, Cryptography and manual source code reviews on Java, JavaScript, Rest API using tools like Checkmarx, CodeQL, Fortity, Veracode, Snyk, Blackduck, Acunetic, AppScan etc.
  • Understand how to identify, exploit, and remediate the OWASP Top 10, SANS 25 software flaws, and other vulnerabilities through use of tools and code review and propose solutions for advanced development situations.
  • Ability to write tool specific custom queries to improve the scan results and eliminate false positives.
  • Work with development teams to ensure false positives are verified and documented.
  • Knowledge on Threat modelling methodology and tools like Microsoft threat modeler
  • Experience in DevSecOps and CI/CD tools such as Github, GitLab, Jenkins, Nexus, Artifactory including how to secure them
  • Good knowledge on cloud (Azure, AWS, GCP) and basic knowledge on cloud security posture management (CSPM)
  • Good knowledge on FOSS/SCA, Software Supply Chain security analysis & basic knowledge on container security
  • Knowledge on container scanning tools like Checkov, Trivy, etc
  • Experience with Linux Containers (Docker), Kubernetes, and deployment of containerized applications/microservices architectures.
  • Working with Teams to secure their Services (i.e., API security)
  • Train new department staff and developers in application security concepts
  • Identify gaps in application architecture, internal processes, and training to help guide the improvement of the department.
  • Maintain a professional working relationship with other departments through clear communication and project level collaborations.
  • Threat modeling

 

What we are looking for:

  • 10+ years of secure development, penetration testing, and/or architecture experience
  • Expert knowledge of SDLC
  • Experience with current web application technology and concepts including containerization, development operations, and mobile technologies.
  • Familiar with dynamic and static testing tools and techniques
  • Familiar with secure coding principles and application architecture
  • Comfortable with scripting and automation.
  • Ability to work as part of a larger team to find solutions.
  • Excellent communication skills
  • CSSLP, CISSP, GWAPT, OSCP, or similar certifications preferred.


 

Set alert for similar jobsApplication Security Architect (Vulnerability, Security & API) role in Bangalore Urban, India
Blue Yonder Logo

Company

Blue Yonder

Job Posted

a year ago

Job Type

Full-time

WorkMode

On-site

Experience Level

8-12 Years

Category

Software Engineering

Locations

Bangalore Urban, Karnataka, India

Qualification

Bachelor

Applicants

Be an early applicant

Related Jobs

Blue Yonder Logo

Technical Architect (Java, SpringBoot, Kafka, NoSQL, Microservices)

Blue Yonder

Bangalore Urban, Karnataka, India

Posted: a year ago

Implement and design commerce micro-services. Understand integration requirements, perform testing, fix defects, and build reusable assets. Looking for experienced Java programmers with knowledge in Java 8, Sterling OMS, retail domain, and leading a team. Must have experience in spring boot, Kafka, NoSQL DB, agile process, and cloud platforms. Strong understanding of caching frameworks and product implementation process.

Hewlett Packard Enterprise Logo

Application Modernization Architect

Hewlett Packard Enterprise

Bangalore Urban, Karnataka, India

+1 more

Posted: a year ago

What you’ll do:   Engage with customer and quickly understand the requirement, scope of work and the solution required. Leading the application team from concept, solution design to execution/launch and ensure application fully serves the need for customer. Provide technical leadership to different projects and work as an SME in multiple projects. Prepare technical implementation plans, migration plans, and coordinate with different teams on execution. Continually research, test, investigate new technologies, methods, and integration of emerging technologies into projects. Responding to RFP/RFI, providing technical solution, developing POC, providing estimation, statement of work, risks. Required: Total 10 TO 15 years of experience with minimum 5 years of experience as solution architect and minimum 2 years of experience in application modernization and migration . Good communication, soft skills and customer handling skills required. Good understanding on various scalable application architecture, assess application complexities, hands on in adapting different technical stack. Experience in application migration, modernization including Containerization/Microservices to AWS or Azure Cloud, Docker. Experience in migrating different application, including different middleware products like JBoss/WebLogic from HPUX to RHEL. Expert level development and design experience on Different UI JavaScript libraries and frameworks Web framework and Rest APIs Essential Skillset Solid solution design and development experience in both server-side and client-side programming essentially covering the full stack of technology for an enterprise application. Must have hands on experience in designing and implementing Restful webservices, authentication/authorization and integration of backend APIs with SQL and NoSQL databases Must have solid experience with React JS library, Angular JS, Vue JS framework for front end development. Solid experience in deploying and monitoring microservices applications using AWS and Azure cloud infrastructure. Must have experience in multiple backend frameworks like Spring Boot, Python Flask, Python Django, Node JS, Express JS, PHP, Laravel, .Net. Sound knowledge in multiple programming language like Java, Python, PHP, Node JS, C#, C, C++ Good understanding on integrating backend services with NoSQL, SQL, in memory database. Middleware application servers including version upgrade: WebLogic, JBoss, WebSphere   What you need to bring: Bachelor's degree in Computer Science, Engineering, or related field. Master's degree preferred Experience in solution design, planning and implementation for transforming a monolithic application to Microservices application. Experience in assessing source or on-prem application details (technology stack, integrations, database) and identify appropriate migration solutions, tools, and strategy. Good knowledge on various application performance, security issues and solutions. Other Good-To-Have Skills Experience in building DevOps solution to AWS and Azure. Mobile application development for android and IOS.