Application Security Engineer

**Application Security Engineer**

**The Company**:
Wizeline is a global digital services company helping mid-size to Fortune 500 companies build, scale, and deliver high-quality digital products and services.

We thrive in solving our customer’s challenges through human-centered experiences, digital core modernization, and intelligence everywhere (AI/ML and data). We help them succeed in building digital capabilities that bring technology to the core of their business.

**Our People**:
At Wizeline, we are a team of nearly 2,000 people spread across 25+ countries. We understand that great technology begins with outstanding talent and diversity of thought. Our business was built on doing well and doing good, and our values of Ownership, Innovation, Community, and Diversity & Inclusion are embedded within our company’s DNA. We are committed to offering our Wizeliners the opportunity to create their career path and develop the skills needed to achieve their personal goals.

**Community Impact**:
We are proud to contribute to local economies by developing technology ecosystems in places like Mexico, Colombia, and Vietnam. We also created Wizeline Academy, a free, community-based education program that teaches high-value skills to workers looking to advance their tech industry careers. As of 2022, Academy has served more than 28,000 students across 675 courses. Wizeliners have the opportunity to upskill by taking Wizeline Academy courses and can also share their expertise by delivering classes to students.

**What You Will Bring to the Team**

The Application Security Engineer is responsible for supporting and implementing security best practices as part of the development lifecycle across multiple engineering teams. An Application Security Engineer is expected to build tools and partnering with developers to safeguard Wizeline’s software, systems, and assets.

**Your Day-to-Day Activities**
- Build, deploy, and maintain security tools, libraries, controls, and instrumentation in Wizeline’s repositories.
- Develop tools and processes to automate the discovery, prevention, and remediation of security issues (vulnerability management process).
- Develop security standards, preferred implementation patterns, secure common frameworks, and developer documentation and education materials.
- Perform code and design reviews to identify and help remediate security flaws (secure code process).
- Utilize threat modeling to monitor Wizeline’s attack surface and influence system design patterns.
- Partner with developers from throughout the organization to design and promote secure software architectures.
- Mentor engineering teams to implement secure practices in their processes.
- Document security processes and procedures to generate reusable knowledge.
- Respond and manage security incidents presented during the development lifecycle (incident management).

***:
**Are You a Fit?**

To be successful in this role, you must have:
***:

- Minimum of 2 years of experience with any combination of the following: threat modeling experience, secure coding, identity management and authentication, software development, cryptography, SecDevOps.
- Experience implementing, running and maintaining tools and/or processes to reliably identify security issues such as SQLi, XSS, CSRF, and business logic flaws across large code bases (SAST, DAST, PenTesting, Security Unit Testing, etc.)
- Knowledgeable regarding backend security topics such as secret management and service authentication.
- Knowledgeable regarding git, DevOps, and CI/CD principles.
- Software development proficiency (Go, Ruby, Python, Java, C#, Obj-C/Swift).
- Strong ethics and understanding of ethics in information security.
- Excellent communication and teamwork skills.
- Must be organized, goal-oriented, and a self-starter.
- Web Penetration Testing or General Pentesting certification is a plus.

***:
**Why You Should Apply**:
Still not convinced you should apply? Here are some of the things that make Wizeline different from other technology services companies:
**Our Values**:
At Wizeline, we value innovation, community, and ownership. Our commitment to diversity, inclusion, and respect fosters an environment where everyone does well and does good. We're proud to be recognized by the Human Rights Campaign Foundation in response to our inclusive corporate policies and best practices for LGBTQ+ employees.

**Our Culture**:
We offer exceptional career growth and learning opportunities to our employees with skill development workshops, mentoring programs, and support for side projects or entrepreneurial work. We ranked 7th on Expansión’s Super Companies 2021 list.

**Our Benefits and Perks**:
We offer competitive compensation and employee-centric benefits, including industry-leading maternity and paternity leave, wellness programs, and remote work opportunities. All Wizeliners have access to continuous learning opportunities through Wizeline Academy, including c