Job Description

Application Security Engineer (Remote) Experience Required - 5+ Years Salary - USD 3,375 - 3,750 / month Expected Notice Period - 2 to 4 Weeks Shift - US Shift (8 PM to 5 AM IST) Opportunity Type - Contractual Working Mode - Remote Contract Duration : Full-time, 12 months (*Note: This is a requirement for one of Uplers\' clients) About the Company: Our Client [Gitlab] is an open-core company that operates - a DevOps software package which can develop, secure, and operate software. It enables organizations to increase developer productivity, improve operational efficiency, reduce security and compliance risk, and accelerate digital transformation. Looking for: Senior Application Security Engineer focused on SAST having experience of core development / coding in the past and then moved to analyzing vulnerabilities, Code analysis and security aspects of the applications. Roles & Responsibilities: Assist in enhancing GitLab\'s Semgrep rules to detect vulnerabilities and minimize false positive matches Create new semgrep rules for identifying web framework specific vulnerabilities Create tests both positive and negative when creating or modifying semgrep rules Write clear and formal descriptions of vulnerabilities and how to remediate them Requirements: Must Haves: Security code reviews for at least one of these programming languages: Python, Java, Go, C#, JavaScript, C/C++ Ability to identify vulnerabilities and vulnerability classes that are specific to programming languages Understand what sources, sinks and sanitizers are in the context of SAST Understanding of CVE, CWE, CVSS and how they apply to vulnerabilities How to mentally trace data and control flow when analyzing an application for vulnerabilities Experience using SAST tools Should have development / coding experience in Past (outside Security) Nice to Have: Security code reviews for at least one web framework: spring boot, django, ruby on rails, express js etc Experience using DAST Tools Wrote SAST rules in the past for Semgrep or other SAST tools Developed other SAST tools. Program analysis experience About Uplers: Our goal is to make hiring reliable, simple, and fast. Our role will be to help all our talents find and apply for contractual remote opportunities and progress in their career. We will support any grievances or challenges you may face during the engagement. You will also be assigned to a dedicated Talent Success Coach during the engagement. How to apply for this opportunity Register or login on our portal & fill out the application Clear the assessment(s) required and apply for the opportunity Once completed, our team will contact you with an interview with our SME/Matcher Once it s all done, your profile will be shared with the client When selected, just meet the client and get your exciting career started! ( Note: There are many more opportunities apart from this on our portal. Depending on the assessments you clear, you can apply for them as well).

foundit