Company Description: JSC Bank of Georgia is a leading commercial bank. We are committed to delivering secure and reliable financial services/products to our customers. As part of our ongoing commitment to application security, we are seeking an Application Security Engineer to join our growing team.
Job Description: As an Application Security Engineer, you will play a crucial role in ensuring the security of our applications throughout the development lifecycle. You will work closely with the development and IT teams to identify, assess, and remediate application vulnerabilities. This is an excellent opportunity for a passionate individual who wants to kick-start their career in application security and grow their expertise in a dynamic environment.
Responsibilities:
Conduct security assessments, including vulnerability scans and code reviews, to identify potential security weaknesses in our applications.
Collaborate with development teams to provide security guidance and best practices throughout the software development lifecycle.
Assist in the design and implementation of secure coding practices, including secure coding standards, guidelines, and training materials.
Good understanding of secure software development life cycle (SDLC) processes and practices.
Participate in threat modeling and risk assessment activities to identify and prioritize potential security risks.
Research and stay up-to-date with the latest application security trends, vulnerabilities, and attack techniques to proactively identify emerging risks.
Assist in incident response and security incident investigations related to application security breaches or vulnerabilities.
Collaborate with cross-functional teams to ensure the timely remediation of identified vulnerabilities.
Assist in the implementation and maintenance of application security tools and technologies.
Contribute to the development and improvement of the organization's application security policies, procedures, and standards.
Implement and maintain application security tools and automation scripts.
Participate in the security architecture review process for new applications and major application updates.
Develop and maintain secure coding guidelines, standards, and best practices for the organization.
Qualifications:
Undergraduate/Graduate degree in Computer Science, Information Security, or a related field.
Strong passion for application security and a desire to build a career in the field.
Knowledge of containerization and DevSecOps practices.
Familiarity with security automation and continuous integration/continuous deployment (CI/CD) pipelines.
In-depth knowledge of web application security concepts, such as the OWASP Top 10/SANS Top 25 vulnerabilities, injection flaws, authentication and session management, and secure coding practices.
Understanding of cryptography, access controls, and secure authentication mechanisms.
Experience with static code analysis tools (e.g., SonarQube, Fortify, Checkmarx) and dynamic application security testing (DAST) tools (e.g., Burp Suite, ZAP, AppScan).
Good understanding of programming languages (e.g., Java, C#, Python) and web technologies (e.g., HTML, CSS, JavaScript).
Good analytical and problem-solving skills.
Excellent communication and collaboration abilities to work effectively in a team environment.
Relevant certifications (e.g., CSSLP, CEH, CASE or GIAC) are a plus.
Join our team and be part of an exciting journey to ensure the security of our applications and protect our customers' data. Apply now and contribute to making a positive impact on our organization's security posture. The deadline is Aug 20, 2025.