Jobs Career Advice Signup
X

Send this job to a friend

X

Did you notice an error or suspect this job is scam? Tell us.

  • Posted: Feb 7, 2023
    Deadline: Not specified
    • @gmail.com
    • @yahoo.com
    • @outlook.com

  • Never pay for any CBT, test or assessment as part of any recruitment process. When in doubt, contact us

    Cellulant is a digital payments business. We run an ecosystem of consumers, merchants and banks in which we facilitate payments and build value through the value-added services we layer on top. In building this ecosystem we serve different types of customers with different products, in a range that includes mobile banking products, mobile credit products, US...
    Read more about this company

     

    Application Security Engineer

    JOB DESCRIPTION:  

    Application Security Engineers work closely with development teams, product managers (PM), and Quality Engineers to ensure that Cellulant’s products are secure. As an application security engineer, you will be required to set security controls and design requirements during the software creation and development stage of the software lifecycle. You will also be required to lead the integration of these designs into the software.

    In this position, you are a passionate and talented application security engineer with a very deep understanding of OWASP, CWE 25, Data Protection, Access management software vulnerabilities, and best practices design and threat modeling skills who can work in a dynamic environment. You must be dedicated to able to work with developers in producing secure code in short time frames and be willing to go beyond the standard routine.

    You will work closely with Software Engineers, DevOps Engineers, Software Quality Engineers and Product Managers within existing product teams to deliver high-quality software releases.

    CORE RESPONSIBILITIES:

    • Performing security-focused code reviews.
    • Supporting and consulting with product and development teams in the area of application security, including threat modeling and application security reviews.
    • Assisting teams in reproducing, triaging, and addressing application security vulnerabilities.
    • Assisting in the development of security processes and automated tooling that prevent classes of security issues.
    • Leading both critical and regular security releases.
    • Leading application security reviews and threat modeling, including code review and dynamic testing.
    • Leading the development of automated security testing to validate that secure coding best practices are being used.
    • Guiding and advising product development teams as SMEs in the area of application security.
    • Developing security training and socializing the material with internal development teams.
    • Participating and assisting in initiatives to holistically address multiple vulnerabilities found across our product spectrum

    QUALIFICATIONS & EXPERIENCE:

    Must have experience:

    • 3-5 Years of Experience in Application Security, SSDLC, and Threat Modelling with an MS/BS degree in Information System Management / Computer Science / Information Security or a related technical discipline with at least 2 years of Software Development experience.
    • MUST have a deep understanding of OWASP Top 10 and CWE 25; with a proven track record and experience in implementing and integrating remediation strategies.
    • Well-versed in application design, penetration testing, application risk assessment, and risk categorization.
    • Experience in managing application security testing tools like SAST, DAST and Open Source Vulnerability Scanning. 
    • Solid problem-solving and analytical skills; able to quickly digest any issue/problem encountered and recommend an appropriate solution.
    • Able to work well with software engineering teams.
    • Experience identifying security issues through code reviews.
    • Excellent and professional communication skills (written and verbal) with an ability to articulate complex topics in a clear and concise manner.
    • Familiarity with some common security libraries and tools (e.g. static analysis tools, proxying / penetration testing tools).
    • Familiarity and ability to explain common security flaws and ways to address them (e.g. OWASP Top 10).
    • Good development or scripting experience and skills. Java, Springboot,  JavaScript, and/or Python are preferred.
    • A basic understanding of network and web-related protocols (such as TCP/IP, UDP, HTTP, HTTPS, protocols).
    • CICD (Continuous Integration Continuous Development) – Circle CI, Jenkins, GitHub
    • Must be a self-starter, able to work under pressure and with limited supervision both individually and with other team members

    Experience that will count in your favor: 

    • Experience working in Agile teams
    • Experience in Linux operating systems
    • Excellent organization and time management skills and ability to work independently with minimal supervision
    • Must be able to work in a fast-paced environment and manage priorities and multi-task.

    Method of Application

    Interested and qualified? Go to Cellulant Corporation on cellulant.bamboohr.com to apply

    Build your CV for free. Download in different templates.

  • Send your application

    View All Vacancies at Cellulant Corporation Back To Home
    View Current vacancies at Cellulant Corporation
Jobs You Might Be Interested in

Related Companies Hiring Now

Average Salary at Cellulant Corporation
KSh 73K from 3 employees
Checkout salary structure of Cellulant Corporation »
Mysalaryscale.com

Career Advice

View All Career Advice
 

Subscribe to Job Alert

 

Join our happy subscribers

 
 
Send your application through

GmailGmail YahoomailYahoomail