Security Applications Engineer

Senior Application Security Engineer The Opportunity We are seeking a dynamic and skilled Senior Application Security Engineer with a strong background in securing complex global environments and developing security solutions at scale. The ideal candidate will have extensive hands-on experience integrating security into DevOps/AppSec processes, securing CI/CD pipelines, and crafting secure software deployment strategies. Your expertise in automated security testing, infrastructure as code, and cloud security is crucial for embedding robust security practices across our development and operational workflows. Key Responsibilities Lead DevSecOps Initiatives: Integrate security practices throughout the development lifecycle, embedding automated security testing within CI/CD pipelines. Enhance Security Automation Tools: Develop and refine tools to streamline security processes and automate checks within software development workflows. Maintain Security Documentation: Keep security documentation up-to-date, ensuring alignment with industry standards and best practices. Design and Advance Security Tooling: Collaborate on creating and improving security tools to enhance efficiency and integration within DevOps processes. Analyze and Report on Security Metrics: Prepare and present detailed DevSecOps/AppSec security reports to guide strategic decision-making. Promote a Security-Conscious Culture: Advocate for security best practices across the organization, fostering a proactive security mindset within the DevOps team. Provide Application Security Expertise: Offer specialized security advice to ensure security considerations are embedded in development and deployment. Skills and Qualifications Proven experience as a DevSecOps Engineer with a focus on integrating security within DevOps and CI/CD pipelines. Expertise in automated security testing, secure coding practices, and continuous deployment security. Strong understanding of software vulnerabilities, exploitation techniques, and mitigation strategies. Experience in automating tasks within enterprise environments, particularly in infrastructure security. Proven ability to communicate complex security concepts to both technical and non-technical audiences. Preferable experience with infrastructure and application support, focusing on secure and resilient system design. Demonstrated experience with DevSecOps practices in Microsoft Azure environments, including Azure security tools and services. Ability to adapt quickly to new technologies and evolving security strategies.