Application Security Engineer

Position- Application Security Engineer

Location: Irving TX- Hybrid (min. 3 days’ work from office),in person interview

All Visa will work except H1B

Critical :: Need someone from App development background, who has moved to security

Update- Please note that there will 2 rounds of customer interview. First round will be a video call and 2nd round should be in person in customer’s office in Irving, TX. So submit resume accordingly

Job Description:

In this role as an Application Security Engineer, you will conduct security assessments for products and solutions. You will collaborate with various cross functional teams and help to create, define, and implement security controls and security tooling in conjunction with internal product development and devops teams.

Responsibilities

• Evaluate security postures and provide recommendations for improvement and risk reduction for Mobile Platforms (IOS/Android), AI Systems, Internet of Things.
• Support engineering and development teams in implementing, maintaining and troubleshooting application security tooling automation for SAST, DAST, MAST (iOS and Android), OSS, API, etc.
• Implement security modules, tools, and programing code snippets when needed.
• Participate in deep dive architectural discussions of new or existing applications, software, and services.
• Apply cryptographic primitives and protocols for authentication, authorization and data protection.
• Recommend and manage transmission protection requirements for all environments (e.g., systems, applications, containers) such as encryption, SSL certificate management, RSA key pairs, etc.
• Continually evaluate new threats and attacks specific to Mobile Platforms, IoT, and AI Systems to identify the impact on business and help to develop and implement appropriate security controls.

MUST HAVE SKILLS:

- Bachelor’s degree in Computer Science or related fields

- Eight or more years of relevant work experience.

- Experience with mobile application security testing, mobile code analysis, vulnerabilities evaluation and remediation.

- Experience with performing security assessment for secure deployment of large IoT, mobile and/or AI systems.

- Experience with Secure SDLC including use of obfuscation techniques, Reverse Engineering and Tamper Resistant software development.

- Experience with OWASP Top 10 vulnerabilities and Cryptographic Algorithms: PKI, X.509 Public Key Certificates, authentication protocols, and transport layer security, OID, OAuth, SAML.

- Understanding of various types of Exploits, Threat Modeling, and Attack surfaces

DESIRED SKILLS:

- Development experience in Swift, Java, Scala, Python, C/C++ or other languages and the ability to solve complex operational issues.

- Mobile, IoT or AI application development experience is highly desirable

- Experience with IT Security Frameworks such as NIST, ISO27001, PCI, DSS, FedRAMP

- One or more of the following certifications: Certified Ethical Hacker, Python Institute Certifications, C++ Institute Certifications, Mobile Application Penetration Tester (eMAPT), ISC2 Certified Information Systems Security Professional (CISSP), or other Security Certification

Thanks & Regards 

Raj Priyadarshi 

Recruitment Manager 

E: xxxxxxxxxxxxxxx | P: +xxxxxxxxxxxxxxxExt 148

WorkNovas LLC

1317 Linwood Avenue, Apt 10, 

Los Angeles, CA 

90017