Full-Stack Developer with a Focus on Security

Agile Dream Team is looking for a highly motivated and experienced Security Engineer to join our global team. If you're passionate about application security and have a background in securing products throughout the software development lifecycle, this opportunity is for you!

Key Responsibilities:

• Perform application security assessments and remediation activities as part of the application security program, ensuring adherence to the SSDLC framework.
• Guide and execute security activities such as vulnerability testing, code review, static and dynamic code testing, ethical hacking, and business logic exploit testing.
• Recommend improvements to security toolsets, development processes, and production application security support.
• Evangelize the fundamentals of the application security program, tools, and processes, acting as a consultative partner with Global IT and Business teams.
• Participate as a key member in security incident response activities.
• Ensure teams validate against OWASP and implement industry-leading application security practices.
• Review and prioritize findings from security analysis and testing tools.
• Conduct regular internal pen-testing and manage the external pen-test process.
• Implement code and infrastructure changes to remediate issues identified from testing tools and pen-tests.
• Apply best practices for vulnerability management and add security features to our products.

Requirements:

• A strong affinity for technology security and its integration as a core part of the development process.
• Solid experience in C# or Java development.
• Strong front-end web development skills with a focus on security.
• Specific experience as a Security Engineer for web applications (as opposed to infrastructure).
• Understanding of the SSDLC framework.
• Advanced experience with security testing tools such as Burp Suite or similar tools.
• Experience in application security assessments.
• Experience in application technology security testing (white box, black box, and code review).
• Experience with advanced automation scripting and some type of automation testing tool (Bsh, shell, Java, .NET).
• SQL experience.
• Excellent communication and analytical skills with the ability to operate cross-functionally across teams.
• Proficiency in performing risk, business impact, control, and vulnerability assessments, and defining treatment strategies.
• Experience in system technology security testing (vulnerability scanning and penetration testing).