Application Security Engineer - Threat Modeling/SAST/SCA Job Code IND_090724_1

Remote Full-time
Netsentries Application Security Engineers will perform code-aware security assessments, Threat Modeling, SAST, SCA, Security Engineering reviews, etc., of enterprise Web/Mobile applications on different platforms developed in various programming languages. They will work closely with the Netsentries AppSec and client development teams to remedy the identified vulnerabilities.

Core responsibilities include:
• Perform in-depth static secure code analysis with open source and commercial tools
• Perform Threat Modeling and in-depth manual secure code reviews
• Perform security engineering reviews
• Reverse Engineering App binaries and analyzing the decompiled/disassembled code
• Prepare advisory for developers of the application on secure coding practices for addressing vulnerabilities identified
• Experience with assessments based on standards like etc.
• Collecting evidence to demonstrate the findings
• Collaborating with client-side application security and development teams
• Handle enterprise SAST projects involving a variety of programming languages including and not limited to web applications with Java, .NET, etc., Android and iOS mobile applications programming languages
• Execute code-aware security assessments in adherence with industry standards like
• OWASP ASVS,OWASP MASVS,OWASP Top10, OWASP Mobile Top 10, SANS 25, PCI-DSS, HIPAA, MITRE-CWE etc.

Experience with enterprise SAST projects involving a variety of programming languages including and not limited to web applications with Java, .NET, etc., Android and iOS mobile applications programming languages

Skills Required:
• A degree in computer science or related field and/or equivalent experience in software development.
• Exposure to industry standard development practices and programming languages would be a plus.
• Demonstrable understanding of enterprise architectures and best practices for high-volume, high-availability web / mobile apps.
• Excellent interpersonal communications skills.
• Experience with Android / iOS mobile platforms
• Experience in performing secure code reviews / reviewing results of static analysis tools
• Knowledge of Common Weakness Enumeration (CWE) and Common Vulnerabilities & Exposures (CVE) and their remediation recommendations
• Familiarity of vulnerabilities and attack methods, including Remote Code Execution (RCE), Cross-Site Scripting (XSS), SQL Injection (SQLi), etc. and how to identify, trace and remediate them
• Understanding of OWASP Top 10
• Certifications like OSWE is preferred
• Experience working with commercial SAST/SCA solutions like Checkmarx,Veracode,Synopsis etc. is an advantage.

Apply Now

Apply Now
Apply Now →

Similar Jobs

Experienced Registered Behavior Technician for In-Home ABA Therapy - Atlanta, GA

Remote

Immediate Hiring: Experienced Registered Behavioral Technician (RBT) for Clinic-Based ABA Therapy Services

Remote

Experienced Registered Behavioral Technician (RBT) - ABA Therapy for Children with Autism Spectrum Disorder

Remote

Experienced Registered Nurse - Telehealth: Providing Remote Care Coordination and Patient Support

Remote

Experienced Substitute Teacher for Riverside County Schools - Join Scoot Education's Innovative Team

Remote

Experienced Substitute Teacher for San Bernardino County - Flexible Schedules & Competitive Pay

Remote

Experienced School Year Instructional Coach for High-Dosage Tutoring Programs in Edgewater Park, NJ

Remote

Experienced School Year Tutor for K-8 Students in Math and Literacy - Mickleton, NJ

Remote

Experienced Secondary Social Studies Teacher for Kansas - Flexible Hybrid Remote Arrangement

Remote

USPS Office Helper

Remote

Global Support Manager

Remote

Executive Cybersecurity Program Director

Remote

Time Zone Support Milking Product Senior Specialist Expert

Remote

Work From Home Amazon Customer Service Ć¢ā‚¬ā€œ Online Chat Jobs (Part-Time, Hiring Near You)

Remote

Business Office Manager

Remote

Senior Product Manager, New Product (Remote/Hybrid)

Remote

Senior Security Infrastructure Engineer

Remote

Disney Social Media Customer Supports Job - Work From Home

Remote

**Experienced Virtual Data Entry Assistant - Entry Level Opportunity at blithequark**

Remote

Underwriting Services Supervisor

Remote
← Back