Application Security Specialist

GSSTech Group

Key Responsibilities

• Implement and maintain robust application security controls across enterprise systems
• Conduct vulnerability assessments, penetration testing, and secure code reviews
• Perform threat modelling and risk assessments for new and existing applications
• Collaborate with development teams to integrate secure coding practices within the SDLC
• Support the integration of security tools within CI/CD pipelines (DevSecOps practices)
• Configure and manage application security tools such as SAST, DAST, and Web Application Firewalls (WAF)
• Monitor and respond to application-level security incidents, ensuring timely resolution
• Provide guidance and awareness to development teams on security best practices

Required Qualifications & Experience

• Minimum 5 years of experience in cybersecurity, with a strong focus on application security
• In-depth knowledge of the OWASP Top 10 and common web application vulnerabilities
• Hands-on experience with vulnerability assessment tools, SAST/DAST solutions, and WAF technologies
• Strong understanding of secure coding practices across technologies such as Java, .NET, Node.js, or similar
• Experience working in Agile/DevOps environments with cross-functional teams
• Strong analytical and problem-solving skills, with attention to detail

Preferred Qualifications

• Relevant certifications such as CISSP, CEH, OSCP, or equivalent
• Experience with cloud platforms (AWS, Azure, or GCP) and related security practices
• Familiarity with DevSecOps frameworks and automation tools

Key Competencies

• Strong communication and stakeholder management skills
• Ability to identify and remediate security risks effectively
• Proactive approach to continuous improvement in application security