Digixvalley LLC is a leading software house specializing in innovative technology solutions. We’re passionate about leveraging data to drive insights and create intelligent applications. Join our dynamic team to shape your future.
Key Responsibilities:
- Perform security assessments, code reviews, and penetration testing for web, mobile, and cloud-based applications.
- Identify vulnerabilities such as those in the OWASP Top 10 and implement strategies to mitigate them.
- Conduct dynamic and static code analysis using security tools (e.g., Burp Suite, Veracode, Checkmarx).
- Collaborate with development teams to integrate security best practices into the SDLC.
- Provide guidance on secure coding practices and ensure proper security controls are built into applications.
- Develop and maintain security guidelines for developers, including training programs and code reviews.
- Perform threat modeling and risk assessments for new and existing applications.
- Assess potential security risks and provide mitigation plans and recommendations.
- Review and assess third-party software, libraries, and services for security vulnerabilities.
- Respond to application-related security incidents and conduct root cause analysis.
- Develop security alerts and monitoring mechanisms for applications in production.
- Work closely with the SOC (Security Operations Center) to monitor for vulnerabilities and attacks.
- Maintain a continuous improvement process for identifying vulnerabilities through testing and automated tools.
- Track and ensure timely resolution of application vulnerabilities and work with teams to ensure patches and fixes are implemented.
- Ensure applications comply with industry security standards, such as OWASP, ISO 27001, NIST, and PCI DSS.
- Assist with audits and reviews of security processes related to application security.
- Keep up to date with the latest security trends, threats, and technologies.
Key Qualifications:
- Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or related field.
- 3-5 years of experience in application security or a similar role.
- Proficiency in application security tools such as Burp Suite, OWASP ZAP, Veracode, Checkmarx, etc.
- Knowledge of secure coding practices in programming languages like Java, .NET, Python, JavaScript, and Node.js.
- Strong understanding of web vulnerabilities, including OWASP Top 10, and application threat modeling.
- Experience with CI/CD (Continuous Integration/Continuous Deployment) pipelines and integrating security tools into development workflows.
- Familiarity with cloud security practices (AWS, Azure, GCP) and securing applications in cloud environments.
- Solid understanding of authentication protocols such as OAuth, OpenID Connect, SAML.
- Excellent problem-solving skills with the ability to think like an attacker to identify vulnerabilities.
Preferred Qualifications:
- Certifications such as OSCP, CEH, CISSP, GIAC GWAPT, or CSSLP are a plus.
- Experience with containerization security (e.g., Docker, Kubernetes).
- Hands-on experience with DevSecOps practices and tooling.
- Understanding of data encryption techniques and cryptographic protocols.
If you’re passionate about [industry or field] and ready to make an impact at Digixvalley, we’d love to hear from you! Please send your resume and cover letter to Mehroz@digixvalley.com