Application Security Engineer

Full Time | Islamabad,PK | Technology

Apply for position
VisionX is a digital product company and a mindset obsessed with customer success. Acting as a strategic innovation partner, we help our clients (a) think through their digital and innovation roadmap, (b) build tailored digital products and solutions powered by emerging technologies stack, and (c) develop our Software-as-a-Service (SaaS) solutions. 

Our customers are world-leading brands and enterprises, including Fortune 500 and strategic startups. VisionX products and SaaS solutions continue to help its customer (a) achieve fast track business growth, (b) gain competitive advantage, (c) constantly innovate to stay relevant, and (d) accelerate product development and feature delivery for their end customers.
PackageX is an AI-powered SaaS product of VisionX (now a standalone entity) that enables the future of delivery management for residential and commercial buildings – mail, packages, and inventory. Our product is deployed in 30 countries and 118 cities. 

Our Team & Your role
We hire the best, invest in them, push them outside their comfort zone to help realize their real potential to serve our clients, our company, and most importantly understand life to value each moment and the person they interact. Joining us might be easy but staying at VisionX is harder.
We are headquartered in New York City with our teams geographically located and our delivery powerhouse in Islamabad.

We’re looking for a passionate Application Security Engineer to come work alongside us to take on some of the most interesting and impactful problems.
The ideal candidate will possess 2+ years experience in mobile/cloud application development. In depth knowledge of application security vulnerabilities, testing techniques, and the OWASP framework. Excellent understanding of Cloud, network and general technical security controls is required.

  • Review application security controls, data handling processes and designs prior to live implementations of new features or products; identify data and application security risks and requirements for new projects and system developments.
  • Lead application development teams through threat modeling exercises.
  • Collaborate to develop security test plans and integrate them into the software development life-cycle.
  • Monitor and proactively report on current threats and vulnerabilities to data and application security.
  • Conduct assessments of application tools and technologies.
  • Evangelize secure data management and code development practices internally.
  • Application Security Stakeholder in All Teams
  • Maintain Threat Models and Risk Assessments
  • Ensure security requirements are part of backlog
  • Ensure secure coding practices are being followed
  • Provide automated code for QA Test Cases related to Security
  • Security Log management and analysis
  • Mobile application
  • Cloud Back-end
  • Vulnerability scanning of deployed applications
  • Track software-related compliance to
  • ASVS standard
  • GDPR
  • ISO 27001
  • Obtain relevant certification to smooth out external audit

  • You’re Awesome because you have
  • Strong understanding of cryptographic algorithms and protocols. Symmetric/asymmetric encryption, hashing, SSL/TLS, IPSec, PGP, S/MIME, SSH, PKI.
  • Understanding of Agile Scrum development methodologies.
  • Networking hardware - routers, switches, load balancers,firewalls (WAF, IPS/IDS,NG Firewall) etc.
  • Access control using AD, LDAP, JWT, SAML, Oath.
  • Data Access Monitoring (DAM)
  • SIEM
  • Vulnerability Management & Vulnerability Scanning (Qualys, Burp Suite, Nessus, etc.)
  • Working experience with IT policies, procedures, and standards.

Our Values:
Our values are the foundation of our X-Culture. To be successful in your day to day tasks we believe in customer centricity, excellence in what we do, taking ownership, bringing spark & innovation, and teamwork.
Why Choose Us:
We live and breathe cutting-edge technology. We operate within the technology startups and Fortune 500/1000 ecosystem. We believe in delivering client value through our work. We build products that are not good or great but outstanding. We help build your startup if you are an aspiring entrepreneur. Our global network of industry experts and mentors helps shape our growth and future. Our leadership team has extensive technology, retail and consulting experience with world-renowned brands. We have got all it takes to build an enterprise of the future.
You deliver! We will make your stay and journey with us worthwhile.
We are an equal opportunity employer, and we value diversity. We do not discriminate based on race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, disability status, or any other legally protected status.