Senior Application Security Engineer

Job Locations PH-Rizal-Taytay
Posted Date 2 months ago(12/14/2022 9:59 AM)
Requisition ID
2022-8405
# Of Equipment Required
10
Category (Portal Searching)
Information Technology

Overview

Does your passion make you seek a fast-paced and dynamic working environment? 

 

You just might be who we’re looking for - awesomeness to add to our already amazing Qmunity! 

 

More than just a company of Customer Service Champions, Quantrics is now a leading Digital Services and IT/Software Solutions Provider. 

 

With us, you will get to grow your professional career, work with our award-winning IT Dev Team, and gain fulfillment from significantly contributing to the global digital landscape. 

 

 

Enjoy the following benefits: 

  • Hybrid work set-up
  • Equipment will be provided   
  • Competitive Salary, Pay per performance, and bonuses!   
  • HMO upon day 1 + 2 dependents free up to 75 y/o 
  • 6 months paid maternity/paternity leave  
  • Group life Insurance and so much more!  

Responsibilities

  • Perform in-depth penetration tests of web applications and APIs.
  • Conduct manual and automated security assessments and source code reviews of web applications to identify vulnerabilities and weaknesses.
  • Apply advanced skills, knowledge and experience to bypass existing security measures
  • Contribute to the development, adoption, and enforcement of application security standards, controls.
  • Participate in threat modeling and secure source code reviews 
  • Actively participate and lead secure architectural design sessions.
  • Track security vulnerabilities and work with development teams to remediate open issues within agreed-upon timeframes.

Qualifications

  • 3+ years of hands-on, in-depth experience in application penetration testing in support of product development and enterprise goals.
  • Experience with web and API attack and mitigation methods, security assessments and penetration testing.
  • Knowledge of open security standards such as OWASP Top 10, OWASP ASVS, SANS Top 25, CWE, NIST
  • Security testing tools including OWASP Zed Attack Proxy, Burp Suite, Postman.
  • Solid understanding of common web application technologies, languages, and frameworks.
  • In-depth knowledge of common software vulnerabilities and a strong understanding of methods to identify and remediate vulnerabilities.
  • Web application firewall (WAF)
  • SAST, DAST and IAST tools
  • Programming experience in .NET, C# and Java
  • Experience with Web Services such as JSON, XML and REST Technologies 
  • Experience in advocating security best practices for third party integrations (e.g. Cloud solutions, third-party libraries, etc.).
  • Knowledge of secure coding principles and best practices for web applications

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed