Skip navigation EPAM

Application Security Engineer / Architect Armenia or Remote

  • hot

Application Security Engineer / Architect Description

Job #: 79284

Description


We are looking for an Application Security Engineer / Architect to conduct application security assessments from start to finish, with minimal assistance from the project team. You will be responsible for increasing security awareness among project teams, working closely with security champions, and helping to deliver secure software.
#LI-DNI
#LI-DNP

What You’ll Do

  • Work with the clients and project teams to perform applications security assessments
  • Act as an expert in specific programming languages and web application environments
  • Identify and validate application vulnerabilities, and suggest remediation at architectural and source code levels
  • Establish a secure software development life cycle or enhance the existing one by introducing necessary security practices
  • Ensure high-quality client service
  • Contribute to building a portfolio-wide reference security architecture
  • Provide the development and conducting of the security training for development teams

What You Have

  • Knowledge of security features provided by at least one operating system (Windows, Linux, Android, iOS, etc.) and development platform/technologies (Java, .NET Framework, databases, etc.)
  • Flexibility to use at least one security methodology: Microsoft SDL, OWASP CLASP, etc
  • Understanding of the nature of security threats, the most common implementations of the threats (XSS, SQL Injection, XSRF, buffer overruns, brute force, rainbow tables, DoS, etc.) and how they match the general classification
  • Competency in security-related activities: risk and privacy assessment, threat modeling, security code review
  • Expertise in security principles such as multi-layered protection, areas of protection, levels of defense, and mitigation mechanisms for every type of threat (validation, sanitizing, crypto operations, etc.)
  • Familiarity with security standards (PCI DSS, HIPAA, NIST, Common Criteria, etc.) and tools for various activities (static code analysis, pen testing, intrusion detection/prevention, etc.)

Nice to have

  • Ability to use the tools to perform actual attacks is a plus
  • Certification in any security area is a plus

We offer

  • Outstanding career development opportunities with a transparent roadmap to accelerate your journey
  • Knowledge sharing within the community of 61,600+ industry’s top professionals worldwide
  • Various opportunities for self-development: hard & soft skills internal training courses, mentoring programs, and unlimited access to 8,000+ LinkedIn Learning courses
  • Free English classes with certified teachers
  • Relocation opportunities within our offices in 45+ countries
  • Bonuses for participating in the referral program
  • Friendly team, enjoyable working environment, and flexible working schedule
  • Medical & family care programs, wellness & fitness programs, corporate and social events
  • Participation in the Employee Stock Purchase Plan

About EPAM

  • EPAM is a leading global provider of digital platform engineering and development services. We are committed to positively impacting our customers, our employees, and our communities. We embrace a dynamic and inclusive culture. Here you will collaborate with multi-national teams, contribute to a myriad of innovative projects that deliver the most creative and cutting-edge solutions, and have an opportunity to learn and grow continuously. No matter where you are located, you will join a dedicated, creative, and diverse community that will help you discover your fullest potential

在亿磐成长

周剑
解决方案架构师
苏州

朱晓华
首席软件测试工程师
苏州

金秋
首席软件工程师
苏州

我们在世界其他地方。。。