Application Security (AppSec) Engineer / Security Testing Specialist

• Applicants must be able to work directly for our company on W2
• Expertise in web application security testing
• Experience in security testing with SAST, SCA, DAST, IAST, Fuzz, and penetration testing tools
• Expertise in mobile application security testing
• Experience with Web application firewalls
• Hands-on experience with DevSecOps tools and practices, including static code analysis, security scans, and automated testing
• Understanding of application security standards such as OWASP ASVS/Top 10 and CWE 25
• Ability to identify and patch SQLi, XSS, CSRF, SSRF, authentication and authorization flaws, and other web-based security vulnerabilities
• Knowledge of common authentication technologies including OAuth, SAML, CAs, OTP/TOTP
• Experience with security tools like Fortify, CheckMarx, VeraCode, BurpSuite, Snyk, Nessus
• Familiarity with tools like Git, Jenkins, CircleCI, Maven, Ant, Gradle, Nexus, SonarQube, Artifactory, Chef, Splunk
• Strong knowledge of cryptography, API security, and secret management
• Security certifications such as OSCP
• Excellent interpersonal and communication skills, with the ability to work effectively with all levels of management
• 7 years of experience in Security Testing

• Knowledge of the payments domain
• Additional security certifications
• Experience in a collaborative, cross-functional team environment

• Conduct thorough security testing of web and mobile applications
• Collaborate with development teams to integrate security practices into the software development lifecycle
• Identify, document, and communicate security vulnerabilities and recommend remediation strategies

• Inclusive and diverse work environment
• Opportunities for professional development and growth
• Supportive team culture that values innovation and collaboration

Artech Information Systems