Application Security Developer- INTL India

The Application Security Developer IV will collaborate closely with engineering (development) teams and the Information Security group to ensure that RealPage applications are developed with security in mind. A deep understanding of the OWASP Top 10 project and best practices for preventing vulnerabilities across any tech stack is essential. This role involves ensuring Static Application Security Testing (SAST) during the development lifecycle and that reported vulnerabilities are properly remediated. The person will also train developers on remediation techniques and the nature of vulnerabilities, implement OWASP Application Security Verification Standards (ASVS), and serve as a role model for a small team (1-5 members) with similar responsibilities. Excellent communication skills and familiarity with DevOps pipelines are key success factors. PRIMARY RESPONSIBILITIES - Incorporate Shift-Left security practices into the Software Development Life Cycle (SDLC) for various applications. - Provide guidelines, tooling, best practices, and implementation support for: o SAST o Dynamic Application Security Testing (DAST) o Software Composition Analysis (SCA) o Runtime Application Self-Protection (RASP) - Guide and coach teams on security remediation efforts. - Assist teams in integrating SAST, DAST, SCA scans into their pipelines. - Ensure dependency scans are part of the development process and pipelines. - Offer ongoing training on new application threats and remediation techniques. - Provide guidance on OpenID Connect (OIDC), OAuth2, and other identity-related best practices. - Collaborate with engineering teams to plan long-term remediation solutions for significant changes. - Work with the Information Security team to prioritize applications and vulnerabilities based on risk. - Advise teams on secure storage and retrieval of application secrets. We are committed to creating inclusive environments where everyone can bring their full, authentic selves to work. We are an equal opportunity employer that values diversity and inclusion. Qualified candidates will be considered without regard to race, religion, sex, age, marital status, national origin, sexual orientation, citizenship status, disability, or other protected characteristics. For accommodations during the application process, please contact us. Please review our Workforce Privacy Policy to understand how we handle your information. Required Skills & Experience 8+ years of software development experience Familiarity with SAST, DAST, SCA scans Primary skill set in C# .NET development Secondary skills in Python or Java Some cloud exposure, with a preference for Azure, AWS, or GCP Strong focus on code quality and integrating security into development from the start Nice to Have Skills & Experience Experience with Fortify on Demand and Invicti Net Sparker. Benefits include medical, dental, and vision insurance, HSA, FSA, DCFSA accounts, 401k with employer matching, paid sick leave, and other paid time off as per law. #J-18808-Ljbffr