Application Security Engineer, Application Security Lead (DevSecOps / Azure DevOps)
Gratitude IncApplication Security Engineer, Application Security Lead (DevSecOps / Azure DevOps)
Job Description
Key Skills
0 candidate(s) have already applied for this Job. Apply now
Roles and Responsibilities:
• Embed security into the SDLC by partnering with engineering and DevOps teams across planning, design, build, test, and release.
• Implement and maintain application security testing programs, including:
• SAST (Static Application Security Testing)
• DAST (Dynamic Application Security Testing)
• SCA (Software Composition Analysis)
• IAST (Interactive Application Security Testing)
• RASP (Runtime Application Self-Protection)
• Integrate security scanning and quality gates into Azure DevOps pipelines (Build/Release), ensuring repeatable and automated controls.
• Perform API security testing, including authentication/authorization validation, rate limiting checks, schema validation, and abuse testing.
• Conduct and/or coordinate security penetration testing and validate remediation effectiveness.
• Lead threat modeling and secure design reviews for new features, services, and architectures (microservices, serverless, containerized workloads).
• Establish vulnerability triage and remediation workflows: verify findings, reduce false positives, prioritize by risk, and track to closure.
• Define and promote secure coding standards and provide hands-on guidance (code review support, secure patterns, reference implementations).
• Support cloud security posture for application layers across Azure, AWS, and/or GCP, including identity, secrets, network exposure, and service configurations.
• Implement secrets management and secure configuration practices (e.g., key vault usage, environment hardening, least privilege).
• Build dashboards and metrics to report coverage and progress (scan coverage, mean time to remediate, vulnerability trends, SLA compliance).
• Evaluate and onboard AppSec tools and solutions; optimize pipelines for performance, reliability, and developer experience.
• Run enablement sessions (training, brown bags) to raise developer security maturity and reduce recurring issues.
• Participate in incident response activities related to application vulnerabilities, including root-cause analysis and prevention improvements.
Role
Security
Timings
Day Shift (Permanent)
Industry
IT-Software / Software Services
Work Mode
Hybrid
Functional Area
IT Software/Hardware
Note: Myglit doesn't charge any money from candidates. If you have been asked to pay money to get this job then report to us immediately at support@myglit.com.
Interview Tips
- Giving the VNA round?
- What are the most important skills you acquired as a Soft Skills/VNA trainer?
- How would you handle an irate customer?
Get the Best Jobs
on your Fingertips
Similar Jobs
Collections Team Lead
Gratitude Inc1 - 3 Year(s)
10 - 30 Thousand p.m
Quezon Calabarzon, Philippines
SailPoint IdentityIQ Specialist_ Onsite in Manila
Gratitude Inc2 - 3 Year(s)
80 - 100 Thousand p.m
Quezon Calabarzon, Philippines
Tech sales -Team Manager
Gratitude Inc3 - 5 Year(s)
40 - 50 Thousand p.m
Quezon Calabarzon, Philippines
BPO SailPoint IdentityIQ Specialist
Gratitude Inc3 - 10 Year(s)
Confidential
Manila, Philippines
2 - 10 Year(s)
Confidential
Manila, Philippines
lnformation Security Analyst Global Risk compliance &BCP
Gratitude Inc5 - 7 Year(s)
70 - 75 Thousand p.m
Manila, Philippines
3 - 5 Year(s)
50 - 65 Thousand p.m
Manila, Philippines
Sailpoint Identity IQ Specialist
Gratitude Inc3 - 10 Year(s)
Confidential
Manila, Philippines
SailPoint IdentityIQ Specialist
Gratitude Inc3 - 7 Year(s)
70 - 85 Thousand p.m
Manila, Philippines
Sr. Java Developer
Gratitude Inc10 - 14 Year(s)
100 - 130 Thousand p.m
Manila, Philippines