Senior Security Engineer (Application)

Role Specifics

As a Senior Security Engineer, you will -

• Be working in a fast-paced DevSecOps environment where it is paramount to control security testing into a continuous deployment/integration flow.

• Play a lead role in developing and designing application-level security controls and standards.

• Perform application security design reviews against new products and services, track and prioritize all security issues, and help build internal security tools that help fix security problems at scale.

• Perform code review and drive remediation of discovered issues.

• Enable automated security testing at scale to measure vulnerability and report on risk across all microservice, web, and mobile platforms.

• Execute security tests on servers that are spread across on-premise and public cloud data centers.

• Be a part of the global security organization, sharing security best practices and standards

Responsibilities 

As part of the Security team responsible for PropertyGuru application security, you will -

• Oversee secure SDLC, application vulnerability assessments, secrets management & and application security compliance for various certifications.

• Assist software developers through source code security reviews, security testing, source code analysis or vulnerability assessments to manage SSDLC security risks using manual & and automated testing.

• Integrate application security in every aspect of CI/CD using tools and implement security gates to ensure secure and compliant code is deployed.

• Create automation scripts/tools whenever required to improve the efficiency of the security posture.

• Work closely with developers, infrastructure engineers & SOC to reproduce reported security issues and work with them to prioritize, test and remediate issues.

• Be required to monitor, respond, investigate, and report on application security events.

• Independently audit and review our key technology platforms, libraries, and security tools to propose an execution plan for security improvements.

• Work with business and technology teams in delivering security projects aligned with the security roadmap.

• Evaluate and make recommendations on new security products and advise on implementation into existing environments and external partners

• Implementing, operating and supporting security tooling, cloud security, services and patterns to support IT delivery teams.

• Assist teams in the identification and management of security risks, through technical security testing or security risk assessments.

• Support or facilitate major security incident response processes by providing technical security leadership.

• Acts as an escalation point for security issues to on-call staff