Job Description
• 8+ years of experience in application security, secure software engineering, cybersecurity architecture, or related roles
• Proven experience implementing and managing application security programs in enterprise environments
• Strong understanding of:
o Secure SDLC / SSDLC
o DevSecOps principles
o OWASP Top 10
o API Security Top 10
o Common software and web application vulnerabilities
• Hands-on experience with application security testing tools such as:
o SAST: Checkmarx, Fortify, Veracode, SonarQube
o DAST: Burp Suite, AppScan, Acunetix
o SCA: Snyk, Black Duck, Mend/WhiteSource
• Experience in threat modeling methodologies (e.g., STRIDE)