Application Security Engineer

This is a fully remote position, open to applicants in Nigeria.

📋 Description

• Execute security evaluations for web and mobile applications as well as API security testing.

• Conduct threat modeling, secure code reviews, and assess attack surfaces.

• Support Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) initiatives.

• Aid in managing the lifecycle of vulnerabilities.

• Organize both internal and external security assessments, ensuring accurate scoping and timely completion.

• Monitor and report on the progress of remediation efforts.

• Ensure adherence to secure coding standards.

• Collaborate with developers, testers, and business analysts to provide proactive security advice throughout development sprints.

• Contribute to the development of security frameworks, checklists, and guidelines consistent with OWASP, NIST, and MITRE.

• Engage in DevSecOps testing and the implementation of protective measures.

• Assist in investigating and resolving application security incidents.

• Contribute to post-incident evaluations and implement preventive strategies.

• Stay updated on cybersecurity trends, emerging threats, and attack vectors.

⛳️ Requirements

• At least 3 years of experience in application security, IT security, or software development with a focus on security.

• Practical experience in penetration testing, vulnerability assessments, and secure code reviews.

• Demonstrated experience with SAST, DAST, and threat modeling frameworks.

• Familiarity with secure software development practices, including OWASP Top 10 and CWE.

• Hands-on development experience or the ability to script in languages such as Python, JavaScript, or Bash.

• Strong knowledge of web application security, API security, and cloud security principles (AWS, Azure, or GCP).

• Understanding of DevSecOps principles and the integration of security into CI/CD pipelines.

• Excellent communication skills, capable of conveying complex security concepts to both technical and non-technical audiences.

• A collaborative attitude with the ability to work effectively across different functions.

🏝️ Benefits

• Competitive compensation package along with comprehensive benefits.

• Equity compensation through Stripe.

• Complete medical coverage.

• Wellbeing stipend.

• Generous leave and sabbatical policies.

• Hybrid working environment.

• Intelligent, kind colleagues who are committed to your professional growth.