Application Security Engineer

As an Application Security Engineer, you will perform application security testing on web applications, mobile applications, microservices, infrastructure code, and open source code in order to expose weaknesses in their design and/or configuration that make them susceptible to exploitation. You will work closely with development teams, product managers, and other members of the information security team to assess risks, conduct security reviews, and recommend steps for the remediation of identified vulnerabilities. You will educate development engineers on secure coding practices and contribute to overall application security awareness. Collaborate with internal teams to define the scope of application security testing activities. Plan and carry out application security testing in all phases of the software development life cycle to identify vulnerabilities in application code and weaknesses in secure coding practices. Use test results to create reports that detail discovered security issues and provide actionable recommendations. Assess discovered vulnerabilities and recommend solutions to reduce risk and mitigate security impacts to the application environment. Communicate findings, risks, conclusions, and recommendations to stakeholders. Consider the impact your testing will have on the business and its users. Clearly articulate and convey the potential business or operational impact of unaddressed security vulnerabilities.