Senior Application Security Engineer
EPAM Systems
Senior Application Security Engineer Description
EPAM is a leading global provider of digital platform engineering and development services. We are committed to having a positive impact on our customers, our employees, and our communities. We embrace a dynamic and inclusive culture. Here you will collaborate with multi-national teams, contribute to a myriad of innovative projects that deliver the most creative and cutting-edge solutions, and have an opportunity to continuously learn and grow. No matter where you are located, you will join a dedicated, creative, and diverse community that will help you discover your fullest potential.
Our remote team is seeking a Senior Application Security Engineer.
The successful candidate will be tasked with maintaining the confidentiality, integrity, and availability of our Customer's information systems. Utilizing various security tools and technologies, you will ensure the security of applications and gaming systems. If your passion lies in security and you're always one step ahead of potential threats, we want to hear from you!
Responsibilities
- Conducting application security assessments on internal and external applications
- Defining and updating an application security methodology
- Staying updated with secure coding best practices and aiding with static/dynamic code analysis
- Designing, testing, documenting, deploying, and maintaining new automation, capabilities, and security services for the InfoSec team
- Keeping abreast of Customer's applications and their security posture
- Defining and developing InfoSec training on web-based exploits/tools and corresponding mitigation techniques
- Collaborating with cross-functional teams to build complex solutions
Requirements
- A minimum of 3 years of experience in Information Security principles, technology, and control processes
- Development experience in languages such as Python, C++, Golang/Rust
- Expertise in application security, code review, DAST, and SAST
- Experience with Secure Coding and AppSec frameworks like OWASP Guide, SANS CWE Top 25, CERT Secure Coding
- Hands-on experience in implementing secure SDLC practices
- Good understanding of DevOps principles, Docker container security, and Kubernetes
- Experience in setting up services on AWS infrastructure
- Experience in threat modeling and implementing security testing methodologies like OWASP Top 10
- Understanding and ability to apply concepts such as algorithms, data structures, OOO design, databases
- CEH and Offensive Security Certification (OSCP, GPEN, or GWAPT)
- Excellent communication skills, including report writing and technical documentation
- Fluency in English with an Upper-Intermediate level of proficiency
Nice to have
- Experience in CI/CD systems and familiarity with Terraform
- Familiarity with Java
We offer
- Learning Culture - We want you to be the best version of yourself, that is why we offer unlimited access to learning platforms, a wide range of internal courses, and all the knowledge you need to grow professionally
- Health Coverage - Health and wellness are important, that is why we have you and up to four family members in a premiere health plan. We have a couple of options, so you can choose what is best for you and your family
- Visual Benefit - Seeing your work for us would be a sight for sore eyes. We want your vision to always be at 100% which is why we offer up to $200.000 COP for any visual health expenses
- Life Insurance Plan - We have partnered with MetLife to offer a full-coverage Ife insurance plan. So, your family is covered, even if you are gone
- Medical Leave Coverage - We are one of the few companies that cover 100% of your medical leave, for up to 90 days. Your health is the most important thing to us
- Professional Growth Opportunities - We have designed a highly competitive and complete development process, where you will have all the tools to get where you have always wanted to be, personally and professionally
- Stock Option Purchase Plan - As an EPAMer you can be more than just an employee, you will also have the opportunity to purchase stock at a reduced price and become a part owner of our organization
- Additional Income - Besides your regular salary, you will also have the chance to earn extra income by referring talent, being a technical interviewer, and many more ways
- Community Benefit - You will be part of a worldwide community of over 50,000 employees, where you can learn, challenge yourself, stand out, and share your knowledge and experience with multicultural teams!
- Are you open to relocation? - If you want to relocate to another country and we have the right project, we will assist you every step of the way, to help you and your family, reach your new home