Application Security Engineer, remote

InCountry is helping companies meet the increasing complexity of data residency and data protection laws globally by enabling companies to quickly address data residency issues in a secure manner. The Trust and Security team at InCountry is focused on ensuring the appropriate internal controls are in place and operating effectively to mitigate risks to InCountry and its customers.

Maintain SDLC program
Conduct penetration testing of application and infrastructure and work with teams to close all findings
Perform threat models of all applications, risk rate all findings and work with teams to close all findings
Develop, communicate and provide regular updates on application security roadmap

Required Skills

3-5 years in an application security role
Prior experience developing threat models in alignment with industry standards (e.g. NIST, MS SDL, etc)
Be a security subject matter expert and respond to any internal security engineering questions/request
Correctly balance security risk and product advancement
Perform penetration testing on our internal and external applications
Perform proactive research to detect new attack vectors
Prior experience integrating static & dynamic analysis in CI/CD pipeline
Train our engineers on secure software engineering
Excellent written and verbal communications skills
SME in cryptography, authentication and security protocols
Bachelor's degree in Computer Science or a related field

Preferences:
Prior experience with GCP, AWS, Azure and GKE
Has a deep understanding of web applications

Experience RequiredMid-Senior level

Conditions:

● Contract directly with an American company.

● Flexible schedule

To respond to a vacancy:

1. Link https://www.linkedin.com/in/zulfiiagasanova/

2. Telegram https://t.me/ZulfiaG