Talent.com
Senior Application Security Engineer

Senior Application Security Engineer

DigiCertWorkFromHome, Gauteng, South Africa
30+ days ago
Job description

Who we are

We're a leading, global security authority that's disrupting our own category. Our encryption is trusted by the major ecommerce brands, the world's largest companies, the major cloud providers, entire country financial systems, entire internets of things and even down to the little things like surgically embedded pacemakers. We help companies put trust - an abstract idea - to work. That's digital trust for the real world.

Job summary

As a Senior Application Security Engineer specializing in application security and DevSecOps within our cybersecurity team, you will play a crucial role in safeguarding our company's web applications by integrating security practices into the Software Development Life Cycle (SDLC). You will be responsible for the proactive identification, assessment, and mitigation of security vulnerabilities, developing and driving the adoption of DevSecOps practices, and ensuring that security is embedded in all phases of software development.

This is a remote position.

What you will do

  • Lead the integration of security measures into the SDLC, ensuring that all aspects of web application development are secure by design.
  • Conduct thorough security assessments and penetration testing for web applications to identify vulnerabilities and security gaps.
  • Play an advisory role with software engineering teams in the architectural design of new applications, emphasizing secure architectural patterns and best practices.
  • Perform and coordinate manual and automated code reviews.
  • Lead threat modeling exercises across engineering teams.
  • Collaborate with software development teams to implement DevSecOps practices, providing guidance on secure coding, automated security testing, and continuous monitoring.
  • Contribute to internal security tooling development or integration.
  • Develop and maintain a secure framework for code deployment, automating security processes where possible to streamline the development workflow.
  • Work cross-functionally with various teams, including IT, engineering, operations, and business units, to communicate security policies and procedures effectively.
  • Establish and maintain strong relationships with stakeholders, presenting complex security concepts in an accessible manner.
  • Stay abreast of the latest security threats, trends, and technologies in web application security and incorporate this knowledge into company practices.
  • Assist in the development and enforcement of security policies and procedures, ensuring compliance with industry standards and regulations.
  • Assist with managing bug bounty program.
  • Develop program documentation to promote operational stability and scalability.
  • Support Leadership in defining and executing the roadmap for DevSecOps maturity and secure SDLC initiatives.
  • Support governance and compliance teams on secure engineering practices for aligning security policies related to SDLC
  • Drive and support security identified remediation efforts.
  • Foster and promote a security-forward culture.
  • Mentor junior team members.
  • Other duties and responsibilities, as assigned.

What you will have

  • Bachelor’s or master’s degree in computer science, cybersecurity, or a related field.
  • Professional security certifications such as CISSP, OSCP, CEH, or equivalent are highly desirable.
  • 5+ years of experience in cybersecurity, with a focus on web application security and secure SDLC.
  • Experience with red team implementation and methodologies.
  • Proven track record of working with DevSecOps tools (such as SAST / DAST / SCA) and methodologies.
  • Strong understanding of security protocols, cryptography, authentication, authorization, and security vulnerabilities.
  • Proficiency with programming / scripting languages such as JavaScript, Python, Java, Bash, PowerShell
  • Excellent communication skills with the ability to engage technical and non-technical stakeholders.
  • Strong analytical and problem-solving abilities, with a meticulous attention to detail.
  • Advanced level of knowledge of Information Security design concepts and principles

    • Nice to have

  • Master's degree in a technical discipline
  • Experience working in highly regulated environments.
  • Advanced level of knowledge of IT frameworks and standards (NIST, OWASP Top Ten, COBIT, ITIL, ISO, PCI-PIN, GDPR, WebTrust, FedRAMP)
  • Certified Information Systems Auditor (CISA)
  • AWS Solutions Architect

    • Benefits

  • Provident Fund
  • Medical Aid + Gap Cover
  • Employee Assistance Program
  • Gym Reimbursement
  • Life Insurance
  • Disability Insurance
  • Sabbatical

    • #LI-GA1

    __PRESENT __PRESENT __PRESENT __PRESENT __PRESENT __PRESENT __PRESENT __PRESENT __PRESENT __PRESENT __PRESENT __PRESENT __PRESENT __PRESENT __PRESENT __PRESENT

    __PRESENT __PRESENT

    #J-18808-Ljbffr

    Create a job alert for this search

    Security Engineer • WorkFromHome, Gauteng, South Africa

    Related jobs
    • Promoted
    Security Engineer Centurion

    Security Engineer Centurion

    Alinta Tech SolutionsCenturion, Gauteng, South Africa
    The Security Engineer is tasked with the vital responsibility of implementing and maintaining robust security protocols to safeguard the organization's data and infrastructure.This hands-on positio...Show moreLast updated: 30+ days ago
    • Promoted
    Team Lead : Security Engineer

    Team Lead : Security Engineer

    Tracker Connect LtdRandburg, Gauteng, South Africa
    Tracker is seeking an individual to lead the design, implementation, and continuous improvement of a secure, scalable, and high‑performing network infrastructure that supports the organization’s cu...Show moreLast updated: 12 days ago
    • Promoted
    Security Engineer

    Security Engineer

    NintexJohannesburg, Gauteng, South Africa
    At Nintex, we are transforming the way people work, everywhere.As the global standard for process intelligence and automation, we're trusted by over 10,000 public and private sector organizations a...Show moreLast updated: 20 days ago
    • Promoted
    Senior Security Engineer, Application Security

    Senior Security Engineer, Application Security

    GitLabWorkFromHome, South Africa
    Senior Security Engineer, Application Security.GitLab is an open-core software company that develops the most comprehensive AI-powered DevSecOps platform, used by more than 100,000 organizations.Ou...Show moreLast updated: 9 days ago
    • Promoted
    Senior Security Operations Engineer

    Senior Security Operations Engineer

    CanonicalWorkFromHome, Gauteng, South Africa
    Canonical Cape Town, Western Cape, South Africa.We have opened several senior / staff Security Operations Engineer (SOC) positions, creating a new team reporting to the CISO.We are looking for a rang...Show moreLast updated: 30+ days ago
    • Promoted
    Security Engineer

    Security Engineer

    OutsidecapitalJohannesburg, Gauteng, South Africa
    We are exclusively representing a mission-driven global leader in the Health-Tech sector.This rapidly scaling organization is dedicated to developing smart affordable digital health solutions that ...Show moreLast updated: 29 days ago
    Security Engineer

    Security Engineer

    AiRPretoria, South Africa
    Remote
    Quick Apply
    Cybersecurity Management (40%).Develop and maintain security standards and processes to support compliance requirements.Oversee cybersecurity operations and ensure alignment with internal policies ...Show moreLast updated: 9 days ago
    • Promoted
    Security Engineer

    Security Engineer

    wePlacePretoria, South Africa
    Responsible for company-wide cybersecurity and related documents, process and record management to ensure that systems and products are safe and effective. Ensures data integrity, and that informati...Show moreLast updated: 30+ days ago
    • Promoted
    • New!
    Application Security Specialist

    Application Security Specialist

    MukuruJohannesburg, ZA
    Job title : Application Security Specialist.Job Location : Gauteng, Johannesburg.We’re looking for an Application Security Specialist to join our forward-thinking Information Security Team.This is ...Show moreLast updated: 16 hours ago
    • Promoted
    Security Engineer Active Directory

    Security Engineer Active Directory

    Standard Bank of South Africa LimitedJohannesburg, Gauteng, South Africa
    Business Segment : Personal & Private Banking.Location : ZA, GP, Johannesburg, 30 Baker Street.Administer and secure Microsoft Active Directory environments across multiple domains and forests.Manage...Show moreLast updated: 30+ days ago
    • Promoted
    IT Security Engineer

    IT Security Engineer

    CodeConnect Staffing (Pty) LtdPretoria North, South Africa
    Work Model : 2 days remote per week (post-probation).A well-established medical devices company is seeking a skilled IT Security Engineer to lead company-wide cybersecurity operations.This role will...Show moreLast updated: 30+ days ago
    • Promoted
    Security Engineer Team Lead

    Security Engineer Team Lead

    Hire ResolveRandburg, ZA
    Job title : Security Engineer Team Lead.Job Location : Gauteng, Randburg.A company that provides personal and vehicle safety services, including stolen vehicle recovery, driver safety, and business...Show moreLast updated: 24 days ago
    • Promoted
    Security Engineer

    Security Engineer

    Network RecruitmentPretoria, South Africa
    Our client has a presence in over 60 countries and is a global leader in health solutions.Youll work closely with cross-functional teams to implement robust security measures, manage audits, and dr...Show moreLast updated: 13 days ago
    • Promoted
    Team Lead : Security Engineer

    Team Lead : Security Engineer

    Tracker South AfricaRandburg, Gauteng, South Africa
    Network Administration and Security.Tracker is seeking an individual to lead the design, implementation, and continuous improvement of a secure, scalable, and high-performing network infrastructure...Show moreLast updated: 30+ days ago
    • Promoted
    Security Engineer

    Security Engineer

    The Hiring HousePretoria, South Africa
    Risk Management and Compliance.Engineering degree (Computer, Software, Mechanical or Electronic).Minimum education (desirable) : . OSCP (Offensive Security Certified Professional).PNPT (Practical Netw...Show moreLast updated: 30+ days ago
    • Promoted
    Senior Security Engineer, Security Incident Response Team

    Senior Security Engineer, Security Incident Response Team

    GitLabWorkFromHome, South Africa
    Senior Security Engineer, Security Incident Response Team.GitLab is an open-core software company that develops an AI-powered DevSecOps Platform used by more than 100,000 organizations.Our mission ...Show moreLast updated: 30+ days ago
    • Promoted
    Senior Security Technical Architect

    Senior Security Technical Architect

    NTT Ltd.Johannesburg, Gauteng, South Africa
    Job title : Senior Security Technical Architect.Job Location : Gauteng, Johannesburg.Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence a...Show moreLast updated: 30+ days ago
    • Promoted
    Security Engineer

    Security Engineer

    Rad ResourcesPretoria, South Africa
    Engineering degree (Computer, Software, Mechanical or Electronic.Minimum education (desirable) : .OSCP (Offensive Security Certified Professional). PNPT (Practical Network Penetration Tester).Certifie...Show moreLast updated: 30+ days ago