Skip To Main Content
epam-logo-black.svgepam-logo-black.svg
backBack to Search

Application Security Engineer

Remote in Colombia, Chile
Security.Risks
& 19 others
warning.png
Sorry, this position is no longer available
Colombia

We are looking for an Application Security Engineer to join our remote team.

Your primary focus will be to ensure our Customer's information systems' confidentiality, integrity, and availability. You will work with various security tools and technologies to ensure that applications and gaming systems are secure. If you are one step ahead of the bad guys and passionate about security, we would love to hear from you!

Responsibilities
  • Perform application security assessments on internal, and external applications, while defining and updating an application security methodology
  • Keep apprised of secure coding best practices and assist with static/dynamic code analysis
  • Design, create, test, document, deploy, and maintain new automation, capabilities, and security services for the InfoSec team
  • Stay abreast of Customer's applications and their security posture
  • Define and develop InfoSec training on web-based exploits/tools and corresponding mitigation techniques
  • Collaborate with cross-functional teams to build complex solutions
Requirements
  • 2+ years of experience in Information Security principles, technology, and control processes
  • development experience building systems in languages such as Python, C++, Golang/Rust
  • Expertise in application security, code review, DAST (Dynamic Application Security Testing), and SAST (Static Application Security Testing)
  • Experience with Secure Coding and AppSec frameworks (OWASP Guide, SANS CWE Top 25, CERT Secure Coding)
  • Hands-on experience in implementing secure SDLC practices
  • Good understanding of DevOps principles, Docker container security, and Kubernetes
  • Experience working with and setting up services on AWS infrastructure
  • Experience in threat modeling and implementing security testing methodologies like OWASP Top 10
  • Understand and be able to apply concepts such as algorithms, data structures, OOO design, databases
  • CEH and Offensive Security Certification (OSCP, GPEN, or GWAPT)
  • Excellent oral and written communication skills, including report writing and technical documentation
  • Fluent in English with an Upper-Intermediate level of proficiency
Nice to have
  • Experience in CI/CD systems and knowing how to work with Terraform
  • Familiarity with Java
Benefits
  • International projects with top brands
  • Work with global teams of highly skilled, diverse peers
  • Healthcare benefits
  • Employee financial programs
  • Paid time off and sick leave
  • Upskilling, reskilling and certification courses
  • Unlimited access to the LinkedIn Learning library and 22,000+ courses
  • Global career opportunities
  • Volunteer and community involvement opportunities
  • EPAM Employee Groups
  • Award-winning culture recognized by Glassdoor, Newsweek and LinkedIn

These jobs are for you