Software Development Engineer Security

Summary

Join Hike and become a key player in building the Rush Gaming Universe. This Application Security Engineer role demands 2-3 years of experience in application security, with a strong focus on web and mobile application security. You will be responsible for designing and implementing secure application architectures, developing and enforcing secure coding standards, and automating security testing. The role also involves conducting security code reviews, vulnerability assessments, threat modeling, and incident response. Collaboration with engineering teams and communication with stakeholders are crucial. Hike offers tremendous benefits and perks; details can be found at work.hike.in.

Requirements

• 2-3 years of experience in application security with a strong focus on web and mobile application security
• Managing and triaging bug bounty submissions, evaluating impact, and prioritizing fixes based on risk assessment
• Hands-on experience in penetration testing, including API intercepting, and reverse engineering of APKs
• Deep understanding of OWASP Top 10 vulnerabilities and mitigation techniques
• Experience with SAST, DAST, and other application security tools
• Awareness of cybersecurity trends, attack vectors, and best practices

Responsibilities

• Design and implement secure application architectures aligned with business and security requirements
• Develop and enforce secure coding standards across engineering teams
• Automate security testing in CI/CD pipelines, including SAST, DAST, and dependency scanning
• Perform threat modeling and risk assessments for applications and services
• Conduct regular security code reviews and vulnerability assessments
• Monitor and respond to application security incidents, working closely with engineering and DevOps teams
• Research and recommend new security technologies and best practices to improve application security
• Maintain security documentation and ensure compliance with internal policies and industry standards
• Partner with engineering teams to prioritize security fixes and integrate security best practices into the SDLC
• Communicate security risks and solutions effectively to both technical and non-technical stakeholders

Preferred Qualifications

Cloud security and network security knowledge, along with proficiency in scripting languages like Python, would be an added advantage