Application Security Engineer

Position Summary

We're looking for passionate and adaptable Application Security Engineer to join our team. Ideal candidates should have a strong experience in familiarity with cloud security standards and security hardening for server and network settings, experience with CI/CD pipelines and integrating security tools into the development process.

Role and Responsibilities

• Conduct application security review prior release and promote secure coding standards across development teams.

• Perform threat modeling and secure arechitecture review to identify potential security risks and develop mitigation strategies.

• Carry out regular application security check, including penetration testing and security code reviews.

• Participate in incident response activities, including investigating security breaches and implementing corrective actions.

• Develop and enforce security policies and practices throughout the software development lifecycle.

• Integrate security tools and practices into CI/CD pipelines for continuous security monitoring.

• Support secure development standard related to data security and protection

• Perform security review for cloud infrastructure including its resources 

• Ensure compliance with industry standards and regulations such as ISO 27001, NIST, and GDPR.

• Manage and operate AI-driven security tools for enhanced vulnerability detection and threat analysis.

• Participate in machine learning models development for predictive security analytics and anomaly detection.

Skills and Qualifications

• Bachelor's degree in Computer Science, Information Security, or a related field.
• Minimum of 3 years of experience in application security with a focus on secure development, SDLC, DevSecOps.
• Familiarity with cloud security standards and security hardening for server and network settings
• Proficient in using SAST and DAST tools and strong knowledge of secure coding practices and common vulnerabilities (e.g., OWASP Top 10).
• Experience with CI/CD pipelines and integrating security tools into the development process.
• Preferred certifications include OSCP, Certified DevSecopS Pro, CompTia PenTest+, PJPT 
• Excellent communication skills with the ability to work collaboratively with cross-functional teams.
• Strong problem-solving skills and attention to detail
• Experience in a DevOps or Agile environment.
• Knowledge of cloud security and containerization technologies (e.g., Docker, Kubernetes).
• Familiarity with penetration testing and red teaming.

* Samsung has a strict policy on trade secrets. In applying to Samsung and progressing through the recruitment process, you must not disclose any trade secrets of a current or previous employer.

* Please visit Samsung membership to see Privacy Policy, which defaults according to your location. You can change Country/Language at the bottom of the page. If you are European Economic Resident, please click here.