Position Summary
We're looking for passionate and adaptable Application Security Engineer to join our team. Ideal candidates should have a strong experience in familiarity with cloud security standards and security hardening for server and network settings, experience with CI/CD pipelines and integrating security tools into the development process.
Role And Responsibilities
- Conduct application security review prior release and promote secure coding standards across development teams.
- Perform threat modeling and secure arechitecture review to identify potential security risks and develop mitigation strategies.
- Carry out regular application security check, including penetration testing and security code reviews.
- Participate in incident response activities, including investigating security breaches and implementing corrective actions.
- Develop and enforce security policies and practices throughout the software development lifecycle.
- Integrate security tools and practices into CI/CD pipelines for continuous security monitoring.
- Support secure development standard related to data security and protection
- Perform security review for cloud infrastructure including its resources
- Ensure compliance with industry standards and regulations such as ISO 27001, NIST, and GDPR.
- Manage and operate AI-driven security tools for enhanced vulnerability detection and threat analysis.
- Participate in machine learning models development for predictive security analytics and anomaly detection.
Skills And Qualifications
- Bachelor's degree in Computer Science, Information Security, or a related field.
- Minimum of 3 years of experience in application security with a focus on secure development, SDLC, DevSecOps.
- Familiarity with cloud security standards and security hardening for server and network settings
- Proficient in using SAST and DAST tools and strong knowledge of secure coding practices and common vulnerabilities (e.g., OWASP Top 10).
- Experience with CI/CD pipelines and integrating security tools into the development process.
- Preferred certifications include OSCP, Certified DevSecopS Pro, CompTia PenTest+, PJPT
- Excellent communication skills with the ability to work collaboratively with cross-functional teams.
- Strong problem-solving skills and attention to detail
- Experience in a DevOps or Agile environment.
- Knowledge of cloud security and containerization technologies (e.g., Docker, Kubernetes).
- Familiarity with penetration testing and red teaming.
- Samsung has a strict policy on trade secrets. In applying to Samsung and progressing through the recruitment process, you must not disclose any trade secrets of a current or previous employer.
- Please visit Samsung membership to see Privacy Policy, which defaults according to your location. You can change Country/Language at the bottom of the page. If you are European Economic Resident, please click here.