Application Security Engineer Job in Ukg Inc
Application Security Engineer
Ukg Inc
4+ weeks ago
- Bengaluru, Bangalore Urban, Karnataka
- Not Disclosed
- Full-time
- Permanent
Job Summary
As an Application Security Engineer, you will ensure that our software is designed and implemented following security best practices. You will leverage your technical knowledge to enable developers and engineering teams to move quickly without compromising on security.
We are looking for someone with a strong application security engineering and development background. The ideal candidate will partner with development teams to threat model attack scenarios and derive corresponding security requirements, review code to uncover vulnerabilities/flaws, and test/participate in attack simulations with our internal Ethical Hacking organization.
Primary/Essential Duties and Key Responsibilities:
As an AppSec Engineer you will:
Work with our code
Develop techniques to ensure global security and development teams find flaws before they are introduced into production
Be a security subject matter expert on software security
Work with development teams to design solutions that are inherently secure
Be a champion for simple security models
Correctly balance security risk and product advancement
Lead software security initiatives
Lead or participate in threat modeling discussions
Perform code deep dives to uncover security vulnerabilities or design flaws
Document findings and architectural issues for development and other security team's consumption
Evaluate the security posture of existing applications.
Perform proactive research to detect new attack vectors and pen test internal and external apps
We are looking for someone who has:
Software development experience in a production environment
A deep understanding of the web application architecture
A knack for finding flaws in software and can efficiently communicate how to fix them
Effective communication skills and is accustomed to working closely with a product team
Does not always default to industry norms when solving a problem
An ability to think like an attacker to develop threat models
Has designed and implemented mitigations for common classes of bugs
Two or more years of proven experience in at least 2 of the following areas:
Threat Modeling
Manual Code Reviews/Peer Code reviews with the focus on security
Familiar with application security control frameworks and its current usage in modern distributed web applications (e.g. Authentication, Cryptography and Data Protection, Authorization, Web Service Security, Security Headers)
Static Source Code Review and Software Composition Analysis Tools (e.g. Checkmarx, Black Duck, Fortify, etc.)
Coding experience in one or more general languages (C#, Java, Kotlin, etc.) at production environments
Mobile App security
Preferred Qualifications:
5 years of relevant work experience
Distributed System Design Experience
Comfortable with usage of Unix/Linux systems
Container Security
Detail-Oriented
Interpersonal Skills:
Strong critical thinking and analytical skills
Team working ability to work and collaborate with other team members
#LI-Post
#LI-Remote
Location:
Canada - Canada - Remote, France - France - Remote, Germany - Germany - Remote, Hawaii - Hawaii - Remote, Noida, Bangalore, Remote, Singapore - Singapore - Remote, The Netherlands - The Netherlands - RemoteFunction:
Software & Product DevelopmentRef #:
20210018092Description & Requirements
Description
Ultimate Kronos Group (UKG) is seeking an Application Security Engineer (AppSec Engineer) to work in our Global Security team. You will be part of a dynamic team of software security engineers that support our organization s goal of building and releasing software that our customers can trust.As an Application Security Engineer, you will ensure that our software is designed and implemented following security best practices. You will leverage your technical knowledge to enable developers and engineering teams to move quickly without compromising on security.
We are looking for someone with a strong application security engineering and development background. The ideal candidate will partner with development teams to threat model attack scenarios and derive corresponding security requirements, review code to uncover vulnerabilities/flaws, and test/participate in attack simulations with our internal Ethical Hacking organization.
Primary/Essential Duties and Key Responsibilities:
As an AppSec Engineer you will:
Work with our code
Develop techniques to ensure global security and development teams find flaws before they are introduced into production
Be a security subject matter expert on software security
Work with development teams to design solutions that are inherently secure
Be a champion for simple security models
Correctly balance security risk and product advancement
Lead software security initiatives
Lead or participate in threat modeling discussions
Perform code deep dives to uncover security vulnerabilities or design flaws
Document findings and architectural issues for development and other security team's consumption
Evaluate the security posture of existing applications.
Perform proactive research to detect new attack vectors and pen test internal and external apps
We are looking for someone who has:
Software development experience in a production environment
A deep understanding of the web application architecture
A knack for finding flaws in software and can efficiently communicate how to fix them
Effective communication skills and is accustomed to working closely with a product team
Does not always default to industry norms when solving a problem
An ability to think like an attacker to develop threat models
Has designed and implemented mitigations for common classes of bugs
Qualifications
Required Qualifications:Two or more years of proven experience in at least 2 of the following areas:
Threat Modeling
Manual Code Reviews/Peer Code reviews with the focus on security
Familiar with application security control frameworks and its current usage in modern distributed web applications (e.g. Authentication, Cryptography and Data Protection, Authorization, Web Service Security, Security Headers)
Static Source Code Review and Software Composition Analysis Tools (e.g. Checkmarx, Black Duck, Fortify, etc.)
Coding experience in one or more general languages (C#, Java, Kotlin, etc.) at production environments
Mobile App security
Preferred Qualifications:
5 years of relevant work experience
Distributed System Design Experience
Comfortable with usage of Unix/Linux systems
Container Security
Detail-Oriented
Interpersonal Skills:
Strong critical thinking and analytical skills
Team working ability to work and collaborate with other team members
#LI-Post
#LI-Remote
Corporate overview
Here at UKG, Our Purpose Is People. UKG combines the strength and innovation of Ultimate Software and Kronos, uniting two award-winning, employee-centered cultures. Our employees are an extraordinary group of talented, energetic, and innovative people who care about more than just work. We strive to create a culture of belonging and an employee experience that empowers our people. UKG has more than 13,000 employees around the globe and is known for its inclusive workplace culture. Ready to be inspired? Learn more at www.ukg.com/careersEEO Statement
Equal Opportunity Employer
Ultimate Kronos Group is proud to be an equal opportunity employer and is committed to maintaining a diverse and inclusive work environment. All qualified applicants will receive considerations for employment without regard to race, color, religion, sex, age, disability, marital status, familial status, sexual orientation, pregnancy, genetic information, gender identity, gender expression, national origin, ancestry, citizenship status, veteran status, and any other legally protected status under federal, state, or local anti-discrimination laws.
ViewThe EEO is the Law posterand itssupplement.
View thePay Transparency Nondiscrimination Provision
UKG participates in E-Verify. View the E-Verify postershere.
Disability Accommodation
For individuals with disabilities that need additional assistance at any point in the application and interview process, please emailUKGCareers@ukg.comor please call1 (978) 250 9800.
Experience Required :
Minimum 5 Years
Vacancy :
2 - 4 Hires
Similar Jobs for you
Help us improve TheIndiaJobs
Need Help? Contact us