Senior Application Security Engineer
Senior Application Security Engineer
Senior Application Security Engineer
Imprint
Imprint is a FinTech startup focused on modernizing co-branded credit cards and financial products. The Senior Application Security Engineer will play a crucial role in ensuring the security of applications and infrastructure, working within a fast-paced environment to implement security best practices and collaborate with engineering teams.
Qualification
- Proven experience in application security engineering or a related field.
- Strong understanding of secure coding practices and security frameworks (e.g., OWASP, MITRE ATT&CK).
- Experience with SAST and DAST tools and integrating them into CI/CD pipelines.
- Familiarity with penetration testing methodologies and tools.
- Knowledge of cryptographic principles and secure key management.
Responsibility
- Conduct systematic threat modeling using frameworks like MITRE ATT&CK to identify risks and propose mitigations.
- Perform in-depth security architecture reviews to ensure secure design principles are followed in applications and microservices.
- Collaborate with engineering teams to conduct code reviews and promote OWASP Top 10 best practices.
- Integrate Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) into CI/CD pipelines for automated security flaw detection.
- Analyze testing reports and guide teams on effective remediation strategies.
- Perform or coordinate targeted penetration tests on critical applications and systems.
- Document findings and work with engineers to implement sustainable fixes.
- Advise on encryption mechanisms to safeguard data at rest and in transit.
