Remote Application Security Engineer at Kora

Description:

As an Application Security Engineer at Kora, you will work with the Application Security team to define and execute the security strategy of the products.
You will embed security in the product development lifecycle, from design to testing, to ensure protection against existing and emerging threats.
Responsible for fostering a culture of security awareness within the Engineering & Product teams.
The ideal candidate will have deep technical security knowledge and expertise to implement robust security architecture strategies and governance processes.
Designated to one of Kora's strategic business units.
Conduct code reviews, bug intake, and remediation processes.
Lead application vulnerability scanning and penetration testing remediation.
Manage integration with vulnerability check tools.
Identify security exposures, develop mitigation plans, and address technical glitches.
Administer and optimize Web Application Firewalls.
Participate in security initiatives, provide guidance to junior security engineers, and collaborate with cross-functional teams.
Respond to security incidents, contribute to requirement gathering, and develop automated security testing.
Work as a red team member to enhance the organization's security posture.

Minimum of 3 years' experience as an Application Security Engineer.
Bachelor’s degree in Computer Science, Information Security, or related technical field.
Thorough understanding of attacks, threats, cybersecurity concepts, and system architecture.
Proficiency in software design, web protocols, Linux/Unix tools, application security, and infrastructure security.
Experience in cyber assessments, threat modeling, and emerging technologies.
Problem-solving skills and adherence to security best practices.
Strong communication skills and experience in risk identification, secure software design, and vulnerability detection.
Familiarity with OWASP 10, security certifications, and automation of checks and tests.