Application Security Engineer at Parvana

Jun 22, 2021

Application Security Engineer (Parvana)

About the Client:

  • Our client is an international highly successful software development house with a niche focus on the telecommunications and payment gateway sector.
    With almost 20 years of track record, this company is well recognised as a discerning employer. Their training and mentorship program is unsurpassed. Most staff will be highly qualified academically however all will be collaborative, have an Agile mind-set and all enjoying learning new things.
    Continuous improvement is a way of life which is reflected in a flat organisational organogram where each employee is encouraged to come up with new solutions.
    Each person is encouraged to work on their strengths and for those that are ambitious, this is the best organisation to fast track your way up the career ladder. Equally those that enjoy routine are encouraged and supported to be subject matter experts within their chosen skill set.

Responsibilities:

  • Following security best practices in performing tasks.

  • Active participation in the SDLC process of existing and new apps and features.

  • Helping the organization evolve its application security functions and services.

  • Responsible for upholding code reviews across all code platforms.

  • Providing leadership for application vulnerability scanning and penetration testing remediation.

  • Discover security exposures and develop mitigation plans, and report and fix the technical debt.

  • Function as a subject matter expert for security solutions.

  • Sharing knowledge of common and emerging security threats.

  • Working closely with various teams while carrying out daily tasks.

Qualifications:

  • Relevant IT Degree
  • Java 8 certification
  • CompTIA Network+ / Security+

Skills / Experience:

  • Java experience
  • Experience working in an Agile environment.
  • Experience working with the following:
    • Docker | OpenSSL | OWASP ZAP / Burp Suite
    • DefectDojo | Nessus / [URL Removed]
  • Technical knowledge of secure coding best practices (e.g. CERT Oracle Secure Coding Standard).
  • Experience with Network protocols such as TCP, HTTP and HTTPS
  • Ability to detect security vulnerabilities in code.
  • Thorough knowledge of Linux/Unix tools and architecture.
  • Well-versed in application and infrastructure security.
  • Troubleshooting and analytical skills.
  • Knowledge of web related technologies (Servlet-based or Spring-based applications)
  • Knowledge of applied cryptography (i.e., encryption, hashing and signing algorithms).
  • Knowledge of software design and implementation.
  • Strong familiarity with web protocols.
  • Experience in the following would be ideal:
    • CIS Benchmark documentation and implementation thereof.
    • PCI-DSS certification process.

To apply use the application tool above or send us an email to [Email Address Removed]

Learn more/Apply for this position