CybersecurityJobs.io
← Back to all jobs
Zenus Bank

Application Security Engineer (AppSec)

San Juan, PR Full time Posted 21h ago

Job Description

Zenus Bank is seeking an Application Security Engineer to secure applications, APIs, and software components across the software development lifecycle within the SecOps domain. This hybrid on-site/remote role is based in San Juan, PR, offering the flexibility of both in-person collaboration and remote work.

Responsibilities

  • Conduct application security assessments using SAST, SCA, and DAST tooling.
  • Carry out quarterly internal manual penetration testing of applications and APIs within an approved scope.
  • Develop threat models for new applications and significant changes.
  • Identify, analyze, and document vulnerabilities and security weaknesses at the application level.
  • Collaborate with development teams to drive secure remediation and promote secure coding practices.
  • Establish and maintain secure coding standards aligned with OWASP Top 10 and OWASP API Top 10.
  • Verify that security findings are remediated before release.
  • Maintain vulnerability tracking and reporting in Archer or approved systems.
  • Support ISO during audits and security assessments by providing application security evidence.

Requirements

  • Three or more years of experience in application security, secure software development, or ethical hacking.
  • Strong knowledge of secure coding principles and common application vulnerabilities.
  • Hands-on experience with SAST, DAST, and SCA tools.
  • Experience performing manual application and API penetration testing.
  • Familiarity with REST APIs, authentication mechanisms, and authorization models.
  • Understanding of CI/CD pipelines from a security testing perspective.
  • Strong documentation and vulnerability reporting skills.

Technologies

  • SAST
  • DAST
  • SCA
  • Archer
  • OWASP Top 10
  • OWASP API Top 10
  • REST APIs

Similar Jobs