18/2
275 👀
Atera
Application Security Engineer
Atera is inventing a new way of managing ...


We are looking for an experienced Application Security Engineer to join us! As an Application Security
Engineer, you will work as part of our security and R&D teams and collaborate with other IT professionals to ensure that our application, the product, the services, and the data are protected.
This is a full-time and onsite (hybrid-remote) role at our Tel Aviv office.


Responsibilities:

● Providing technical leadership, guidance, and direction to the DevOps, Development, and Product teams on secure code programming, based on industry best practices.
● Developing and maintaining specific documentation of application security controls, policies, and procedures and ensuring their implementation.
● Designing technical solutions to address security weaknesses.
● Analyzing system services, and spotting issues in code, infrastructure, and applications.
● Develop and implement continuous service improvements to the Application Security Management program.
● Deliver next-generation application security controls, solve technical barriers with tools and processes, and align with application teams to ensure strong adoption.
● Perform threat modeling, static and/or dynamic analysis, application security validation (negative and positive), source code review, and app PenTests to provide development guidance based on security best practices.
● Update the library of information security documentation with application standards, work instructions, and training materials.
● Develop communication plans for the enterprise security application function by partnering with
business and enterprise architects.
● Conducting pilot or POC with selected vendors for threat modeling, architecture reviews, code scanning, and penetration testing.
● Collaborating with cross-functional teams and getting their cooperation.


Requirements:

● 4+ years of overall technical experience in system design, project development, and production
support of large cloud-native web applications/systems.
● Secure software development framework experience and adherence to industry benchmarks (OWASP top 10, SANS top 25, MS SDL, CWE 25).
● Application penetration testing experience.
● Experience working with static/dynamic analysis tools - SAST/DAST (such as BlackDuck,
SonarQube, Seeker, Coverity).
● We are looking for a self-motivated person who is flexible and will be adaptive to a very busy work environment!
● A bachelor's or master's degree in computer science, information security, or other related fields-
an advantage.

Feb 18, 9:27 AM

apply to


Upload CV

About Blog Values
Premium Silver Contact
Articles Privacy policy Terms of service
indydevs © 2016-2024


Arlozorov 186, Tel Aviv, Israel
Dolores 240, Suite 12, San Francisco, CA

contact@indydevs.com