Job ID | 2024-4892 | Category | Information Services | Type | Full-Time | Workplace policy | Hybrid |
The Application Security Engineer plays a critical role in ensuring the security and integrity of the Bank's applications and systems. This role is responsible for validating that applications and systems are designed and implemented according to the Bank's Policies, Standards, and Guidelines. This role also assesses the security of the underlying components of the application or system such as middle-tier systems and databases. Additionally, this role implements and governs repeatable secure development practices to reduce secure coding errors, design flaws, and other vulnerabilities. As issues are uncovered, the application security engineer communicates with the appropriate technical and business teams to ensure proper risk identification, mitigation, and/or acceptance.
Principal Duties & Responsibilities:
2-4 years of experience implementing security controls in software development processes.
Proficiency in software development languages such as Java, Python, C++, etc., to understand application architecture and identify security vulnerabilities.
Familiarity with dynamic and static analysis tools for code review and vulnerability assessment.
Expertise in DevOps practices and methodologies, with the ability to integrate security seamlessly into CI/CD pipelines.
Knowledge of cloud platforms, particularly Microsoft Azure, and their security features and configurations.
Strong analytical and problem-solving skills to identify and remediate security vulnerabilities effectively.
Excellent communication and collaboration skills to work effectively with cross-functional teams and third-party vendors.
Relevant Certifications: