Cadence’s Information Security team is seeking an Application Security Engineer. This role will focus on Cloud and on-premise Application Security controls including WAF and RASP tools. Additionally, this is truly a Security Development Operations role that will ensure security tool integration at the source code repo, build, and artifactory level. As a member of the Information Security team, this role proactively works with research and development teams to protect intellectual property and build in security within the develop life cycle. This will include DAST, SAST, and SCA tools.
This role reports to the Software Security Director and will interface directly with development teams. Of course, there is broad exposure to other aspects of information security related tasks such as incident response, vulnerability management, and deployment of security solutions. The successful candidate for this position is a highly motivated individual with a strong Application Development and Configuration Management /DevOps background that wants to educate and build a software security program.
Key Deliverables and Responsibilities (include but are not limited to the following):
Perform operational support for AWS WAF configurations – updating whitelists and creating security automation web ACLs to protect Internet facing endpoints and applications.
Perform operational support for Azure WAF configurations
Runtime Application Self Protection (RASP) deployment and monitoring
Automate Dynamic Application Security Testing (DAST) in the CI/CD pipeline.
Perform manual penetration tests on web applications
Maintain Cloudflare DDOS protections and WAF configurations.
Implement Runtime Application Self Protection (RASP) on applications to protect containers and web-based applications.
Attend enterprise architecture reviews to standardize and secure new deployments
Qualifications and Special Skills Required
Bachelor’s degree in computer science or engineering field or equivalent combination of education and relevant experience.
A passion to learn and educate others on how to build secure software.
Ability to work in a group setting and independently
Experience with Jira IT ticketing systems.
Good working knowledge in scripting language, Python, PowerShell, etc.
Strong understanding of Linux/UNIX and Windows based operating systems and networks.
Strong working knowledge of Application security concepts and technologies such as:
Experience in OWASP Top 10 and usage of common AppSec testing tools.
Experience of Secure by Design concepts and threat modeling
Knowledge of common security libraries, security controls, and common security flaws.
Experience in application penetration testing techniques and tools
Knowledge of application technologies including Web applications, Web services, XML, SOA, AJAX, JSON, and Web scanning tools
Open Source Security (OSS) – Software Composition Analysis (SCA)
Static Application Security Testing (SAST)
Dynamic Application Security Testing (DAST)
Runtime Application Self Protection (RASP) – Real Time Monitoring detection and prevention
Security Architecture Review – Threat Modeling
AWS and Azure WAF Configuration and whitelisting
Cloudflare DDOS configuration and operation
Manual Penetration Testing
Penetration testing with 3rd party vendors
Host level vulnerability Scanning
Web application security training course development and delivery
Preferred Certifications:
Certified Information Systems Security Professional (CISSP)
SANS GIAC certifications
Amazon Web Services, Azure, Google Cloud Platform
We’re doing work that matters. Help us solve what others can’t.
Job Description We have an opening forSoftware Engineer- C++ for Bangalore/Pune. Experience: 3-15 YearsJob location: Pune & Bangalore Working Mode:...
Apply For This Job: ZS (www.zs.com) is the world’s largest firm focused exclusively on helping companies improve overall performance and grow revenue and...
Apply For This JobDesign, build, test and roll out legal applications along with technical documentation Assist with requirements gathering, user acceptance testing and...
Apply For This JobJob Title Recruiter – Pharma/IT Work Experience 3years -8years Skills recruitment, Talent acquisition, sourcing, screening Location Bangalore – Karnataka ,...
Apply For This JobThe Role Are you up for the challenge and to gain experience with the latest digital technologies and innovations? The...
Apply For This Job*System Admin* The role of the admin is to handle our company website and arrange material to complete customer orders....
Apply For This Job