Digixvalley LLCย is a leading software house specializing in innovative technology solutions. Weโre passionate about leveraging data to drive insights and create intelligent applications. Join our dynamic team to shape your future .Key Responsibilities:
- Perform security assessments, code reviews, and penetration testing forย web, mobile, and cloud-based applications.
- Identify vulnerabilities such asย OWASP Top 10ย and implement strategies to mitigate them.
- Conduct dynamic and static code analysis using security toolsย (e.g., Burp Suite, Veracode, Checkmarx).
- Collaborate with development teams to integrate security best practices into theย SDLC.
- Provide guidance on secure coding practices and ensure proper security controls are built into applications.
- Develop and maintain security guidelines for developers, including training programs and code reviews.
- Perform threat modeling and risk assessments for new and existing applications.
- Assess potential security risks and provide mitigation plans and recommendations.
- Review and assess third-party software, libraries, and services for security vulnerabilities.
- Respond to application-related security incidents and conduct root cause analysis.
- Develop security alerts and monitoring mechanisms for applications in production.
- Work closely with theย SOC (Security Operations Center)ย to monitor for vulnerabilities and attacks.
- Maintain a continuous improvement process for identifying vulnerabilities through testing and automated tools.
- Track and ensure timely resolution of application vulnerabilities and work with teams to ensure patches and fixes are implemented.
- Ensure applications comply with industry security standards, such asย OWASP, ISO 27001, NIST, and PCI DSS.
- Assist with audits and reviews of security processes related to application security.
- Keep up to date with the latest security trends, threats, and technologies.
Key Qualifications:
- Bachelorโs degree inย Computer Science, Cybersecurity, Information Technology, or related field.
- 3-5 years of experienceย in application security or a similar role.
- Proficiency in application security tools such asย Burp Suite, OWASP ZAP, Veracode, Checkmarx, etc.
- Knowledge of secure coding practices in programming languages likeย Java, .NET, Python, JavaScript, and Node.js.
- Strong understanding ofย web vulnerabilities,ย includingย OWASP Top 10, andย application threat modeling.
- Experience withย CI/CD (Continuous Integration/Continuous Deployment)ย pipelines and integrating security tools into development workflows.
- Familiarity with cloud security practicesย (AWS, Azure, GCP)ย and securing applications in cloud environments.
- Solid understanding of authentication protocols such asย OAuth, OpenID Connect, SAML.
- Excellent problem-solving skills with the ability to think like an attacker to identify vulnerabilities.
Preferred Qualifications:
- Certifications such asย OSCP, CEH, CISSP, GIAC GWAPT, CSSLPย is a plus.
- Experience with containerization securityย (e.g., Docker, Kubernetes).
- Hands-on experience withย DevSecOpsย practices and tooling.
- Understanding ofย data encryption techniquesย andย cryptographic protocols.
If you’re passionate about [industry or field] and ready to make an impact at Digixvalley, weโd love to hear from you! Please send your resume and cover letter to Mehroz@digixvalley.com