Track This Job
Add this job to your tracking list to:
- Monitor application status and updates
- Change status (Applied, Interview, Offer, etc.)
- Add personal notes and comments
- Set reminders for follow-ups
- Track your entire application journey
Save This Job
Add this job to your saved collection to:
- Access easily from your saved jobs dashboard
- Review job details later without searching again
- Compare with other saved opportunities
- Keep a collection of interesting positions
- Receive notifications about saved jobs before they expire
AI-Powered Job Summary
Get a concise overview of key job requirements, responsibilities, and qualifications in seconds.
Pro Tip: Use this feature to quickly decide if a job matches your skills before reading the full description.
Job Description:
We are seeking a skilled Application Security Engineer with expertise in the Microsoft technology stack to join our security team. In this role, you will collaborate with developers, architects, and DevOps engineers to ensure secure design, development, and deployment of applications and services across on-premises and cloud environments (Azure). You will play a key role in identifying risks, implementing secure coding practices, and supporting security initiatives across the software development lifecycle.
Key Responsibilities:
• Embed security best practices into the SDLC/DevSecOps pipelines using Microsoft technologies (Azure DevOps, GitHub, Visual Studio, .NET).
- Perform threat modeling, design reviews, and code reviews to identify and mitigate security risks.
- Conduct application security assessments, penetration testing, and static/dynamic analysis (SAST/DAST) using Microsoft-native and third-party tools.
- Build and maintain automated security controls in CI/CD pipelines (e.g., Azure DevOps pipelines, GitHub Actions).
- Collaborate with developers to remediate vulnerabilities and promote secure coding practices in .NET, C#, and PowerShell.
- Partner with cloud engineers to ensure secure deployment in Microsoft Azure, including use of Azure Key Vault, Azure AD, Microsoft Entra ID, and Defender for Cloud.
- Drive adoption of security standards such as OWASP Top 10, NIST, and Microsoft Secure Development Lifecycle (SDL).
- Investigate security incidents involving applications and support root cause analysis.
- Develop training, documentation, and guidance to uplift application security awareness across development teams.
Requirements:
• Bachelor's degree in computer science, Cybersecurity, or related field (or equivalent work experience).
- 3–5+ years of experience in application security, software development, or security engineering.
- Hands-on experience with Microsoft development tools: .NET, C#, Visual Studio, Azure DevOps, GitHub.
- Good knowledge with Azure cloud services, Power platform, Dynamics365 and their security features.
- Experience with application security testing tools (SAST, DAST, SCA, IaC scanning).
- Knowledge of identity and access management in Microsoft ecosystems (Azure AD /
- Entra ID, OAuth, OpenID Connect).
- Strong understanding of secure coding practices and common vulnerabilities
- (OWASP Top 10, CWE, etc.).
- Familiarity with Infrastructure as Code security (Terraform, Bicep, ARM templates)
- Knowledge of regulatory compliance standards (e.g., ISO 27001, PCI DSS, GDPR)
- preferred.
- Benefits:
- Competitive salary and benefits package
- Opportunities for career growth and advancement
- A collaborative and supportive work environment
- Possibility to work from home two days a week
Key Skills
Ranked by relevanceReady to apply?
Join Sonrysa and take your career to the next level!
Application takes less than 5 minutes