Located in the most populous country in the most diverse continent, we have come to realise that conventional financial institutions are handicapped in creating sustainable value for the present generation and the next.
We are seeking an experienced Application Security Engineer to help design, build, and maintain secure applications across our development lifecycle. You will work closely with development, DevOps, and product teams to identify and mitigate security risks in our systems.
This role requires a proactive and collaborative individual with a strong understanding of secure coding practices and application architecture.
Key Responsibilities:
- Perform threat modeling, security reviews, and code reviews for web, mobile, and
- API-based applications.
- Integrate security best practices into the SDLC, including CI/CD pipelines.
- Collaborate with developers to remediate vulnerabilities and improve secure coding practices.
- Lead efforts around vulnerability scanning, SAST, DAST, and SCA tools.
- Work with QA and DevOps teams to implement automated security testing.
- Manage and improve the bug bounty program, triaging issues reported by external researchers.
- Stay up to date with the latest security threats, vulnerabilities, and technology trends.
- Contribute to security training and awareness initiatives for developers and engineers.
- Define and document security requirements and policies related to applications.
Requirements
- Bachelor in Computer Science, Electrical & Engineering or any other related degree.
- 3+ years in an application security or related role.
- Strong understanding of OWASP Top 10, CWE/SANS Top 25, and other vulnerability frameworks.
- Experience with secure coding in one or more languages: Python, Java, JavaScript,Go, C#, etc.
- Hands-on experience with tools like Burp Suite, Zap, Fortify, Checkmarx, SonarQube,etc.
- ?Familiarity with cloud security (AWS, Azure, GCP).
- Knowledge of authentication and authorization standards (OAuth2, JWT, SAML,etc.).
- Experience with DevSecOps practices and CI/CD pipelines etc.).
- Relevant security certifications (e.g., OSCP, CSSLP, CEH, GWAPT).
- Hands-on experience in penetration testing or red teaming.
- Strong communication skills — ability to clearly explain security issues to both technical and non-technical stakeholders.
Method of Application
Signup to view application details.
Signup Now
