This page was automatically translated and may contain errors. View in English.
Jobgether

Application Security Engineer - Vulnerability Discovery

Jobgether

Remote · 全职

抢先申请

经验
3年以上
薪水
职位空缺
1
发布
18小时前
工作模式
在家办公
恢复
需要申请

职位描述

Overview

This opportunity is offered on behalf of a partner organization based in Saudi Arabia seeking an Application Security Engineer focused on vulnerability discovery. The role is dedicated to enhancing application security by systematically identifying, analyzing, and mitigating software vulnerabilities across contemporary software environments. Collaborating closely with engineering and product teams, this position aims to embed security considerations throughout the software development lifecycle to fortify applications.

Key Responsibilities

  • Evaluate, verify, prioritize, and manage vulnerabilities uncovered using manual techniques, automated tools, bug bounty programs, and AI-driven security platforms.
  • Work alongside product and engineering teams to guide remediation efforts, delivering clear security guidance to address risks in a timely fashion.
  • Examine pull requests, source code modifications, and development workflows for security concerns and suggest secure coding solutions.
  • Interpret results from AI-powered security tools to reduce false positives and improve detection mechanisms.
  • Engage in security incident response including investigations and root cause analyses related to application vulnerabilities.
  • Advocate for and contribute to the advancement of secure software development lifecycle (SDLC) practices within engineering departments.
  • Create security-focused automation, tooling, and workflows to enhance detection capabilities, coverage, and efficiency.
  • Manage and fine-tune vulnerability scanning platforms, including configuration of policies, scheduling scans, and generating reports.
  • Monitor remediation status, track security metrics, and support risk mitigation initiatives, providing stakeholders with transparent updates.
  • Collaborate with security architecture and development groups to optimize vulnerability discovery, prioritization, and fixing strategies.
  • Produce security documentation, best practice guidelines, and educational materials to encourage secure development techniques across teams.
  • Participate in an on-call schedule to support security triage and code review requests.

Candidate Requirements

  • Minimum of three years’ professional experience in application security or a related security discipline.
  • Ability to work through 11:00 AM Pacific Standard Time (PST).
  • Deep understanding of application security concepts, vulnerability management, and secure coding methodologies.
  • Experience establishing and scaling SDLC security programs.
  • Proven expertise managing vulnerability disclosures, bug bounty findings, and security assessments.
  • Track record of effective collaboration with engineering and product teams to implement security improvements and remediations.
  • Skilled at triaging vulnerabilities sourced from SAST, DAST, software composition analysis, dependency checks, penetration tests, and similar evaluations.
  • Strong knowledge of prevalent application security challenges such as OWASP Top 10 risks, API security, authentication/authorization, secrets management, and cryptographic practices.
  • Ability to review source code in multiple programming languages and frameworks to detect security weaknesses.
  • Familiarity with security testing tools including static and dynamic analysis, infrastructure-as-code scanning, secrets detection, and vulnerability management software.
  • Experience working in cloud-native setups with public cloud providers, particularly AWS.
  • Capacity to assess security findings, weigh risk impacts, and communicate remediation strategies clearly.
  • Excellent interpersonal and communication skills to foster effective teamwork and partnerships.
  • Knowledge of AI-assisted development workflows and AI-enabled security tools is advantageous.

Benefits

  • Work fully remotely from any location.
  • Participate in impactful large-scale application security projects.
  • Flexible work conditions tailored to support collaboration across dispersed teams.
  • Engage with cutting-edge security challenges involving cloud computing, automation, and AI-driven technologies.
  • Influence and enhance secure development practices throughout technical organizations.
  • Gain exposure to advanced vulnerability management and security tooling.
  • Access career growth opportunities within a technology-oriented company culture.
  • Collaborate with seasoned security, engineering, and product experts.
  • Receive a competitive salary aligned with experience and skill set.

Additional Information

This role operates with an AI-enhanced candidate review process ensuring objective and prompt evaluation against core job criteria. The ultimate selection and interview phases are handled by the hiring partner directly.

Applicants acknowledge data processing compliance with applicable data protection laws, inclusive of AI involvement in application assessment, while final employment decisions remain human-led.

如果您希望收到回复,请留下您的信息——我们不会将您的信息用于其他用途。

点击浏览拖放,或 粘贴 截图

PNG、JPG、GIF、MP4、WebM、MOV 格式 · 每个文件最大 20MB · 最多 5 个文件

🤖
在线·即时人工智能帮助