Application Security Engineer II

2 Hours ago • 4 Years +

Job Summary

Job Description

The Application Security Engineer will be responsible for delivering security engineering services to Jumio’s engineering teams, building secure systems and cloud infrastructure. Responsibilities include collaborating with Engineering and Infrastructure teams to identify security gaps, integrating security into software processes, performing penetration testing, auditing source code, providing guidance on vulnerability remediation, managing cross-functional team collaboration, deploying security services, building custom security solutions and leading security initiatives. This role is vital to the global Infosec function.
Must have:
  • 4+ years of experience in a security engineering role
  • Familiarity with Linux operating systems and cloud ecosystems
  • Understanding of core AWS Cloud Services architecture
  • Experience in implementing secure IaC solutions
  • Experience in container-based architecture and deployments
  • Hands on experience in pen testing Web application and API
  • Deep understanding of OWASP Top 10 and CWE 25
Good to have:
  • Experience in pentesting mobile applications
  • Experience in implementing secure infrastructure as code
  • Experience with scripting languages such as Python
  • Knowledge on CI/CD automation tools
  • Relevant security certifications
  • Bachelor's or Master's degree in Computer Science

Job Details

Role Purpose: The Application Security Engineer will be a hands-on role responsible for delivering security engineering services to Jumio’s engineering teams and building secure systems and cloud infrastructure with our engineering teams and for executing initiatives on improving our security program. 

Role Value: This role plays a vital part in our global Infosec function. It enables our business and customers to have more confidence in our systems, our processes and our ability to manage the cyber threats we face by ensuring that we work in a secure cloud infrastructure.  

Example Responsibilities

  • Collaborate with Engineering and Infrastructure teams to identify and fill any security gaps in our SDLC, cloud infrastructure and associated processes
  • Integrate security into the Software/Infrastructure processes from initial threat modelling to decommissioning 
  • Perform manual penetration testing of Web/mobile applications and APIs
  • Audit source code and perform code review for critical application changes
  • Help teams in understanding security vulnerabilities and associated risk, providing guidance in prioritizing and remediation efforts
  • Identify critical security risks and drive mitigation with engineering teams
  • Manage cross-functional internal and external team collaboration and communications
  • Deploy security services and tools through IaC, and actively promote the culture of security as code
  • Periodic security assessments and configuration review of cloud environments
  • Build custom security solutions tooling and automation and lead security initiatives
  • Build, promote and scale DevSecOps across the company and enable integration of tools and practices as the teams transition to DevSecOps. 

 

Experience and Qualifications 

  • 4+ years of experience in a security engineering role, either specialized in application security or cloud security or both with a working knowledge of the non-specialized domain
  • Strong familiarity with Linux operating systems and cloud ecosystems like Amazon AWS, GCP, including networking concepts and security services and patterns
  • Understanding of core AWS Cloud Services (e.g. EC2, ECS, Lambda, RDS, etc.) architecture (e.g. Well-Architectured Framework) and micro services
  • Experience in implementing secure IaC solutions
  • Experience in container-based architecture and deployments (Docker, Kubernetes)
  • Hands on experience in pen testing Web application and API
  • Deep understanding of OWASP Top 10 and CWE 25 
  • Experience in using SAST, DAST, IAST, SCA tools
  • Experience in Threat Modeling
  • Ability to communicate well, present security threats and risks to engineering teams 
  • Self-motivated; ability to work independently on new initiatives.

Great to have Experience and Qualifications 

  • Experience in pentesting mobile applications
  • Experience in implementing secure infrastructure as code
  • Experience with scripting languages such as Python 
  • Knowledge on CI/CD automation tools (AWS DevOps, Github Actions, Jenkins)
  • Relevant security certifications such as CREST, OSCP, OSWE, CEPT, CMWAPT, GPEN, PentTest+, AWS Cloud Practitioner, AWS Security Speciality or any AWS Associate level certification
  • Bachelor's degree or experience with Master's degree in Computer Science

Key Characteristics and Attitudes 

  • Passion for product security as a subject 
  • Ability to learn and adapt to changing technology landscape 
  • Desire to enable change and continuous growth

Jumio Values:

IDEAL: Integrity, Diversity, Empowerment, Accountability, Leading Innovation

Equal Opportunities:

Jumio is a collaboration of people with different ideas, strengths, interests and cultures. We welcome applications and colleagues from all backgrounds and of all statuses.

About Jumio:

Jumio is a B2B technology company dedicated to eradicating online identity fraud, money laundering and other financial crimes to help make the internet safer. We leverage AI, biometrics, machine learning, liveness detection and automation to create solutions that are trusted by leading brands worldwide and respected by industry thought leaders. 

Jumio is the leading provider of online identity verification, eKYC and AML solutions. With a global footprint, we’re expanding the team to meet strong client demand across a range of industries including Financial Services, Travel, Sharing Economy, Fintech, Gaming, and others.

Applicant Data Privacy

We will only use your personal information in connection with Jumio’s application, recruitment, and hiring processes, as described in Jumio’s Applicant Privacy Notice. If you have any questions or comments, please send an email to privacy@jumio.com.

Similar Jobs

DraftKings - Manager, System DBA Operations

DraftKings

Sofia, Sofia City Province, Bulgaria (On-Site)
5 Months ago
Canva - Senior Software Reliability Engineer (Production Health)

Canva

Sydney, New South Wales, Australia (Remote)
1 Month ago
Trend Micro - Sr. AI Engineer

Trend Micro

Taipei City, Taiwan (On-Site)
7 Months ago
NielsenIQ - Support Engineer for OLTP vertical

NielsenIQ

(Remote)
1 Week ago
Motive - Software Engineer - Financial Products

Motive

(Remote)
1 Week ago

Get notifed when new similar jobs are uploaded

Similar Skill Jobs

ION - Lead Software Engineer, Italy

ION

Pisa, Tuscany, Italy (On-Site)
7 Months ago
N-iX - Senior Node.js Engineer

N-iX

Ukraine (Remote)
1 Month ago
PENN Interactive - Data Scientist

PENN Interactive

(Remote)
2 Weeks ago
Crunchyroll - Senior Data Engineer - Platform Engineering

Crunchyroll

San Francisco, California, United States (Remote)
5 Months ago
GameAnalytics - Senior Backend Developer (Python)

GameAnalytics

(Remote)
1 Month ago
Zynga - Senior Data Scientist (Full Stack)

Zynga

Austin, Texas, United States (On-Site)
2 Weeks ago
JoinZoe - Lead IT Security Engineer

JoinZoe

(Remote)
1 Month ago
PwC - ETIC, Cybersecurity Risk Technology Associate

PwC

Cairo, Cairo Governorate, Egypt (On-Site)
7 Months ago
Veeam Software - Customer Success Systems Engineer with Spanish

Veeam Software

(Remote)
1 Day ago
CoActive Systems - ML Research Engineer

CoActive Systems

San Jose, California, United States (Hybrid)
2 Weeks ago

Get notifed when new similar jobs are uploaded

Jobs in Bengaluru, Karnataka, India

Gallagher - Web Content Editor

Gallagher

Bengaluru, Karnataka, India (On-Site)
9 Months ago
Interactive Brokers - Java Developer

Interactive Brokers

Mumbai, Maharashtra, India (Hybrid)
2 Weeks ago
Mindtickle - People Partner (HRBP)

Mindtickle

Pune, Maharashtra, India (Hybrid)
2 Months ago
Optiv - Consultant - Cyber Strategy & Risk

Optiv

Bengaluru, Karnataka, India (On-Site)
1 Week ago
digital agents - Presales and Delivery Head (XR & AI)

digital agents

Gurugram, India (On-Site)
1 Week ago
Zynga - Concept Artist

Zynga

Bengaluru, Karnataka, India (On-Site)
3 Days ago
PivotRoots - UI UX Designer

PivotRoots

Mumbai, Maharashtra, India (Hybrid)
2 Weeks ago
Warner Bros Games - Senior Software Engineer

Warner Bros Games

Hyderabad, Telangana, India (Hybrid)
2 Months ago
DNEG - DMP Artist

DNEG

Mumbai, Maharashtra, India (On-Site)
3 Months ago
Google - International Growth Consultant

Google

Gurugram, Haryana, India (On-Site)
4 Weeks ago

Get notifed when new similar jobs are uploaded

Similar Category Jobs

Looks like we're out of matches

Set up an alert and we'll send you similar jobs the moment they appear!

About The Company

Bengaluru, Karnataka, India (On-Site)

Bengaluru, Karnataka, India (On-Site)

Bengaluru, Karnataka, India (On-Site)

Bengaluru, Karnataka, India (On-Site)

Jaipur, Rajasthan, India (On-Site)

View All Jobs

Get notified when new jobs are added by Jumio

Level Up Your Career in Game Development!

Transform Your Passion into Profession with Our Comprehensive Courses for Aspiring Game Developers.

Job Common Plug