About Centific–

Centific is a global organization with offices in the US, Europe, India, and Asia-Pacific. Clients include 100 of the Global 500 companies, with industry concentration in Software and Technology, CPG, Retail, Logistics, Financial Services, Insurance, Healthcare, Food & Beverage, and Travel & Hospitality.

With a core focus on Data, Intelligence, and Expertise, Centific helps clients achieve new levels of performance while adding brand-new digital business capabilities to drive relevance, revenue, and growth. With the clarity of vision, technological expertise, operational excellence, and a global footprint, Centific is the partner of choice for enterprises that want to run smarter – and for those that want to change the race.

https://www.centific.com/

Role: Application Security Engineer II

Job Description:

• Designing and implementing security strategies and policies that meet an organization's specific needs.
• Conduct regular security assessments and penetration tests on company products. Identify vulnerabilities and security gaps in existing applications and propose remediation solutions.
• Lead the development and implementation of a comprehensive vulnerability management program. This includes continuous monitoring, analysis, and prioritization of vulnerabilities discovered in applications.
• Implement and maintain security tools and processes to automate the detection of security vulnerabilities. Integrate security tools into the CI/CD pipeline. Security tools to be considered (not limited to): Static code analysis (mainly Python and TypeScript); dynamic code analysis and scanning for vulnerabilities using Burp Suite and OWASP ZAP; software composition analysis.
• Work with the development team to ensure secure coding practices are implemented. Provide training and guidance on security best practices and emerging threats. Conduct threat modeling, architecture reviews, and consult development teams when making architecture decisions. Develop security requirements at the early stages of the product life cycle.
• Participate in the response to security incidents, including performing post-mortem analysis and recommending preventive solutions.
• Ensure applications comply with industry standards and regulations such as OWASP, GDPR, SOC 2, and ISO 27001.
• Collaborate with cross-functional teams to promote a culture of security awareness. Communicate effectively with both technical and non-technical stakeholders.

Additional Job Description

• Understanding of architecture and working principles of modern applications.
• Experience with Azure cloud security.
• Strong knowledge of security principles, techniques, and protocols (e.g., OWASP Top 10, SSL/TLS, etc.).
• 5 years of working experience as Application Security Engineer or in a similar position (Penetration testing, Red Team, Bug Bounty etc.).
• Strong knowledge of at least one scripting language (Python, PowerShell, bash).
• Excellent problem-solving and communication skills.

Benefits offered – Comprehensive healthcare, dental & vision, 401k plan, PTO, etc.

"Centific is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, ancestry, citizenship status, age, mental or physical disability, medical condition, sex (including pregnancy), gender identity or expression, sexual orientation, marital status, familial status, veteran status, or any other characteristic protected by applicable law. We consider qualified applicants regardless of criminal histories, consistent with legal requirements"