Secure enterprise applications by integrating SAST, DAST, and SCA tools into CI/CD pipelines and conducting threat modeling at APPIT Software Solutions in Hyderabad.
Hyderabad, India
Full-time
Cybersecurity
Responsibilities
Perform security code reviews and static/dynamic application security testing (SAST/DAST) across web and API applications
Integrate security scanning tools into CI/CD pipelines to automate vulnerability detection
Conduct threat modeling and architecture risk analysis for new product features and services
Collaborate with development teams to remediate identified vulnerabilities and establish secure coding practices
Develop and maintain secure coding guidelines, security training materials, and OWASP compliance checklists
Track and report on application security metrics, vulnerability trends, and remediation timelines
Requirements
3+ years of experience in application security or software security engineering
Hands-on experience with SAST tools (SonarQube, Checkmarx, Fortify) and DAST tools (Burp Suite, OWASP ZAP)
Strong understanding of OWASP Top 10, CWE/SANS Top 25, and secure SDLC practices
Proficiency in at least one programming language (Java, Python, JavaScript, or Go) for code review
Experience with REST API security testing and authentication/authorization mechanisms (OAuth 2.0, JWT)
Familiarity with container security and cloud-native application security principles
Nice to Have
GWAPT, CEH, or OSWE certification
Experience with software composition analysis (SCA) tools like Snyk or Dependabot
Knowledge of GraphQL security testing
Skills
SAST/DAST, Burp Suite, OWASP ZAP, Threat Modeling, Secure SDLC, SonarQube, Python, REST API Security