Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
Minimum 5 years of experience in application security, cybersecurity, or software development.
Strong understanding of OWASP Top 10 and common application vulnerabilities.
Hands-on experience with security tools such as SAST, DAST, SCA, WAF, and penetration testing tools.
Familiarity with secure software development practices and CI/CD pipelines.
Knowledge of application architecture (API security, web app security, microservices, cloud apps).
Ability to read and review code in languages such as Java, JavaScript, Python, or others.
Experience with security incident response related to application threats.
Responsibilities
Perform application security assessments, including code reviews, penetration testing, and vulnerability scans.
Identify, analyze, and prioritize security vulnerabilities within applications.
Work closely with development teams (DevOps/SRE) to implement secure coding practices and integrate security into the SDLC (Secure Development Lifecycle).
Monitor and respond to application-related security incidents.
Develop, review, and maintain application security policies, standards, and guidelines.
Ensure compliance with security frameworks and regulatory requirements (e.g., ISO 27001, PCI-DSS, OWASP).
Collaborate with product, IT, and infrastructure teams to ensure secure architecture and design principles are followed.
