Application Security Engineer - Threat Modeling/SAST/SCA

Netsentries Application Security Engineers will perform code-aware security assessments, Threat Modeling, SAST, SCA, Security Engineering reviews, etc., of enterprise Web/Mobile applications on different platforms developed in various programming languages. They will work closely with the Netsentries AppSec and client development teams to remedy the identified vulnerabilities. Core responsibilities include: Perform in-depth static secure code analysis with open source and commercial tools Perform Threat Modeling and in-depth manual secure code reviews Perform security engineering reviews Reverse Engineering App binaries and analyzing the decompiled/disassembled code Prepare advisory for developers of the application on secure coding practices for addressing vulnerabilities identified Collecting evidence to demonstrate the findings Collaborating with client-side application security and development teams Handle enterprise SAST projects involving a variety of programming languages including, but not limited to, web applications with Java and .NET, as well as Android and iOS mobile applications Execute code-aware security assessments in adherence with industry standards like OWASP ASVS, OWASP MASVS, OWASP Top 10, OWASP Mobile Top 10, SANS 25, PCI-DSS, HIPAA, MITRE-CWE, etc.