About the role
• 8+ years of experience in application security, secure software engineering, cybersecurity architecture, or related roles • Proven experience implementing and managing application security programs in enterprise environments • Strong understanding of: o Secure SDLC / SSDLC o DevSecOps principles o OWASP Top 10 o API Security Top 10 o Common software and web application vulnerabilities • Hands-on experience with application security testing tools such as: o SAST: Checkmarx, Fortify, Veracode, SonarQube o DAST: Burp Suite, AppScan, Acunetix o SCA: Snyk, Black Duck, Mend/WhiteSource • Experience in threat modeling methodologies (e.g., STRIDE)