Senior Application Security Engineer

Brimore is a social commerce platform, that enables the local manufacturers to overcome the Go-to-Market challenges and grow on a national scale through a powerful commercial arm of ’Individuals’. This network sells and recommends the products in their surrounding circles either to other individuals or to their small trade shops in their streets via all possible channels.

Brimore is looking for a Senior Application Security Engineer to join our team. You will play a key role in finding and fixing application security issues along with helping define a Secure Software Development Lifecycle (SSDLC) and moving toward DevSecOps. The right candidate for this role will be experienced with software development, static and dynamic application security testing.

Main Responsibilities:

• Execute various levels of security testing on mobile and web applications
• Automate application scanning and vulnerability assessment processes to be part of CI/CD pipelines
• Validate identified security issues within applications and recommend remediation procedures
• Collaborate with Development on application security threat models
• Work with Product Teams to ensure features and functionality conform to security requirements
• Support internal audit controls related to application security

• 5+ years of work experience
• Strong understanding of secure web application design principles and frameworks such as OWASP
• Experience with securing application cloud services
• Experience finding and validating insecure application features and code
• Experience with development security scanning tools such as static and dynamic analysis
• Experience with application exploitation tools such as Metasploit or Burpsuite
• Experience with containerization security practices a plus
• Security certification such as OSCP, GWAPT, or CompTIA PenTest+