Senior Application Security Engineer

at DigiCert
๐Ÿ‡ฟ๐Ÿ‡ฆ South Africa - Remote
๐Ÿ”’ Cybersecurity๐ŸŸฃ Senior

Job description

Who we are

We’re a leading, global security authority that’s disrupting our own category.ย  Our encryption is trusted by the major ecommerce brands, the world’s largest companies, the major cloud providers, entire country financial systems, entire internets of things and even down to the little things like surgically embedded pacemakers.ย  We help companies put trust - an abstract idea - to work. That’s digital trust for the real world.

Job summary

As a Senior Application Security Engineer specializing in application security and DevSecOps within our cybersecurity team, you will play a crucial role in safeguarding our company’s web applications by integrating security practices into the Software Development Life Cycle (SDLC). You will be responsible for the proactive identification, assessment, and mitigation of security vulnerabilities, developing and driving the adoption of DevSecOps practices, and ensuring that security is embedded in all phases of software development.

This is a remote position.

What you will do

  • Lead the integration of security measures into the SDLC, ensuring that all aspects of web application development are secure by design.
  • Conduct thorough security assessments and penetration testing for web applications to identify vulnerabilities and security gaps.
  • Play an advisory role with software engineering teams in the architectural design of new applications, emphasizing secure architectural patterns and best practices.
  • Perform and coordinate manual and automated code reviews.
  • Lead threat modeling exercises across engineering teams.
  • Collaborate with software development teams to implement DevSecOps practices, providing guidance on secure coding, automated security testing, and continuous monitoring.
  • Contribute to internal security tooling development or integration.
  • Develop and maintain a secure framework for code deployment, automating security processes where possible to streamline the development workflow.
  • Work cross-functionally with various teams, including IT, engineering, operations, and business units, to communicate security policies and procedures effectively.
  • Establish and maintain strong relationships with stakeholders, presenting complex security concepts in an accessible manner.
  • Stay abreast of the latest security threats, trends, and technologies in web application security and incorporate this knowledge into company practices.
  • Assist in the development and enforcement of security policies and procedures, ensuring compliance with industry standards and regulations.
  • Assist with managing bug bounty program.
  • Develop program documentation to promote operational stability and scalability.
  • Support Leadership in defining and executing the roadmap for DevSecOps maturity and secure SDLC initiatives.
  • Support governance and compliance teams on secure engineering practices for aligning security policies related to SDLC
  • Drive and support security identified remediation efforts.
  • Foster and promote a security-forward culture.
  • Mentor junior team members.
  • Other duties and responsibilities, as assigned.

What you will have

  • Bachelorโ€™s or masterโ€™s degree in computer science, cybersecurity, or a related field.
  • Professional security certifications such as CISSP, OSCP, CEH, or equivalent are highly desirable.
  • 5+ years of experience in cybersecurity, with a focus on web application security and secure SDLC.
  • Experience with red team implementation and methodologies.
  • Proven track record of working with DevSecOps tools (such as SAST/DAST/SCA) and methodologies.
  • Strong understanding of security protocols, cryptography, authentication, authorization, and security vulnerabilities.
  • Proficiency with programming/scripting languages such as JavaScript, Python, Java, Bash, PowerShell
  • Excellent communication skills with the ability to engage technical and non-technical stakeholders.
  • Strong analytical and problem-solving abilities, with a meticulous attention to detail.
  • Advanced level of knowledge of Information Security design concepts and principles

Nice to have

  • Master’s degree in a technical discipline
  • Experience working in highly regulated environments.
  • Advanced level of knowledge of IT frameworks and standards (NIST, OWASP Top Ten, COBIT, ITIL, ISO, PCI-PIN, GDPR, WebTrust, FedRAMP)
  • Certified Information Systems Auditor (CISA)
  • AWS Solutions Architect

Benefits

  • Provident Fund
  • Medical Aid + Gap Cover
  • Employee Assistance Program
  • Gym Reimbursement
  • Life Insurance
  • Disability Insurance
  • Sabbatical

#LI-GA1

__PRESENT__PRESENT__PRESENT__PRESENT__PRESENT__PRESENT__PRESENT__PRESENT__PRESENT__PRESENT__PRESENT__PRESENT__PRESENT__PRESENT__PRESENT__PRESENT

__PRESENT__PRESENT

Share this job:
Please let DigiCert know you found this job on Remote First Jobs ๐Ÿ™

Similar Remote Jobs

Latest Jobs at DigiCert

Benefits of using Remote First Jobs

Discover Hidden Jobs

Unique jobs you won't find on other job boards.

Advanced Filters

Filter by category, benefits, seniority, and more.

Priority Job Alerts

Get timely alerts for new job openings every day.

Manage Your Job Hunt

Save jobs you like and keep a simple list of your applications.

Search remote, work from home, 100% online jobs

We help you connect with top remote-first companies.

Search jobs

Hiring remote talent? Post a job

Frequently Asked Questions

What makes Remote First Jobs different from other job boards?

Unlike other job boards that only show jobs from companies that pay to post, we actively scan over 20,000 companies to find remote positions. This means you get access to thousands more jobs, including ones from companies that don't typically post on traditional job boards. Our platform is dedicated to fully remote positions, focusing on companies that have adopted remote work as their standard practice.

How often are new jobs added?

New jobs are constantly being added as our system checks company websites every day. We process thousands of jobs daily to ensure you have access to the most up-to-date remote job listings. Our algorithms scan over 20,000 different sources daily, adding jobs to the board the moment they appear.

Can I trust the job listings on Remote First Jobs?

Yes! We verify all job listings and companies to ensure they're legitimate. Our system automatically filters out spam, junk, and fake jobs to ensure you only see real remote opportunities.

Can I suggest companies to be added to your search?

Yes! We're always looking to expand our listings and appreciate suggestions from our community. If you know of companies offering remote positions that should be included in our search, please let us know. We actively work to increase our coverage of remote job opportunities.

How do I apply for jobs?

When you find a job you're interested in, simply click the 'Apply Now' button on the job listing. This will take you directly to the company's application page. We kindly ask you to mention that you found the position through Remote First Jobs when applying, as it helps us grow and improve our service ๐Ÿ™

Apply