Security Software Developer

Summary

Join Hike and become a crucial member of the Rush Gaming Universe team! This Application Security Engineer role demands 2-3 years of experience in application security, focusing on web and mobile applications. You will manage bug bounty submissions, conduct penetration testing, and possess a deep understanding of OWASP Top 10 vulnerabilities. Responsibilities include designing secure architectures, enforcing coding standards, automating security testing, and collaborating with engineering teams. Experience with SAST, DAST, and scripting languages like Python is highly valued. Hike offers tremendous benefits and perks; details can be found at work.hike.in.

Requirements

• 2-3 years of experience in application security with a strong focus on web and mobile application security
• Hands-on experience in penetration testing, including API intercepting, and reverse engineering of APKs
• Deep understanding of OWASP Top 10 vulnerabilities and mitigation techniques
• Experience with SAST, DAST, and other application security tools
• Awareness of cybersecurity trends, attack vectors, and best practices

Responsibilities

• Design and implement secure application architectures aligned with business and security requirements
• Develop and enforce secure coding standards across engineering teams
• Automate security testing in CI/CD pipelines, including SAST, DAST, and dependency scanning
• Perform threat modeling and risk assessments for applications and services
• Conduct regular security code reviews and vulnerability assessments
• Monitor and respond to application security incidents, working closely with engineering and DevOps teams
• Research and recommend new security technologies and best practices to improve application security
• Maintain security documentation and ensure compliance with internal policies and industry standards
• Partner with engineering teams to prioritize security fixes and integrate security best practices into the SDLC
• Communicate security risks and solutions effectively to both technical and non-technical stakeholders
• Managing and triaging bug bounty submissions, evaluating impact, and prioritizing fixes based on risk assessment

Preferred Qualifications

Cloud security and network security knowledge, along with proficiency in scripting languages like Python

Benefits

Tremendous benefits & perks