Application Security Engineer

Job description

The Team

The Global Information Security team’s mission is to ensure FlexTrade and client’s security globally and to ensure solutions implemented by FlexTraders are secure and fulfill FlexTrade’s mission – Trade Your Best.

About You

FlexTrade Global Information Security is looking for an Application Security Engineer who loves what they do. Reporting to the Global Information Security Manager, you’ll work with FlexTraders globally. The primary focus will be on ensuring FlexTrade internal applications are secure

Responsibilities

  • Understand the end-to-end design of all company products
  • Perform static application security testing (SAST) of the code base
  • Perform dynamic application security testing (DAST) using open source and commercial tools
  • Identify and help developers understand how to mitigate vulnerabilities originating from third party components
  • Review security alerts and reports and work closely with the DevOps team to design workflows

Requirements

Skills & Experience

  • 3 -5 years of experience with application security/penetration testing work.
  • Experience using common application security testing tools and techniques to perform security assessments across web/mobile/API technologies.
  • Experience identifying security issues, assessing risk, and providing remediation guidance.
  • Experience working with Agile development/Scrum teams.
  • Have hands-on experience with various programming languages such as C++, Java and python.
  • Have knowledge of Software development life cycle
  • Have hands-on experience with DevSecOps and securing the CI/CD pipeline.
  • Have knowledge of Application Security Best practices and guidelines such as OWASP Application Security Verification Standard (ASVS) and OAuth2.
  • Experience with automation tools (e.g., Jenkins, Bamboo, GitLab, Kubernetes, Ansible, Chef, Puppet)
  • Understanding of cloud technology (Azure/AWS)