Cybersecurity Professional

About AVENGA

AVENGA is a leading organization in the field of cybersecurity, committed to providing innovative solutions to protect our clients' digital assets.

Job Summary

We are seeking an experienced Senior Application Security Engineer to join our team. As a key member of our security team, you will be responsible for ensuring the secure development and deployment of our software applications.

Key Responsibilities

• Secure Software Development: Collaborate with development teams to integrate security into the software development lifecycle, ensuring secure coding practices and tools are effectively used.
• Vulnerability Assessment and Management: Conduct regular security assessments, including static and dynamic code analysis, and vulnerability scanning. Help teams identify, prioritize, and remediate security vulnerabilities in web and mobile applications.
• Security Architecture and Design: Work closely with architects and engineers to teach them how to design secure applications and systems, focusing on threat modeling, security patterns, and best practices.
• Incident Response: Provide expert support to the teams during potential security incidents, including analysis, containment, and remediation of security breaches and vulnerabilities.
• Security Awareness and Training: Develop and deliver security awareness training for development and engineering teams, promoting a culture of security-first development.
• Policy and Compliance: Ensure compliance with security policies, standards, and regulatory requirements across all stages of the software development lifecycle.
• Continuous Improvement: Stay current with emerging security threats and vulnerabilities, and continuously evaluate and improve security processes, tools, and technologies.
• Collaboration and Communication: Act as a liaison between development teams and security, fostering a culture of security awareness and best practices across the organization.

Requirements

To succeed in this role, you will need:

• Technical Skills:
  • Proficiency in security assessment tools and scanners (e.g., BlackDuck, Nexus IQ, OWASP ZAP, Fortify, Sonarqube).
  • In-depth knowledge of secure coding practices and security standards (e.g., OWASP, NIST).
  • Experience with programming languages (e.g., Python, Java, .NET) and scripting.
  • Familiarity with DevSecOps practices and tools (e.g., Jenkins, Docker, Kubernetes, CI/CD pipelines).
• Certifications: Relevant certifications such as CISSP, CEH, OSCP, or GWAPT are highly desirable.
• Soft Skills:
  • Excellent communication and interpersonal skills.
  • Strong problem-solving and analytical abilities.
  • Ability to work collaboratively in a cross-functional team environment.

Benefits

• Competitive salary.
• Opportunity to work with cutting-edge technology.
• Bonus structure based on performance.
• Training budget.
• Private healthcare.
• International projects.
• Cafeteria system.
• Integration events.
• Insurance.
• Friendly atmosphere.
• Free coffee.
• Canteen.
• Bike parking.
• Free beverages.
• Modern office.
• Free parking.
• No dress code.