Senior Application Security Specialist

About IntouchCX

IntouchCX is a global leader in customer experience management, digital engagement, and AI and automation solutions. We immerse ourselves in your world with curiosity, creativity, and innovation to deliver exceptional results. For over 20 years, we have scaled with soul to become a disruptive industry leader by building trusted long-term relationships with our brand partners and empowering our people to drive positive change.

About The Job

Reporting to the Director of Information Security, the Senior Application Security Specialist is responsible for assessing and securing web-based, in-house developed applications and open-source telephony solutions. This role offers the unique opportunity to collaborate with the security analyst team on new security initiatives and develop in-house tools to support threat monitoring, vulnerability management, and security control administration.

As Senior Application Security Specialist, You Will…

• Assess software and applications for security vulnerabilities through code reviews, automated scanning, fuzzing, and manual inspection.
• Work with the development team and participate in developer sprint planning to identify potential security impacts and mitigation strategies.
• Develop, implement, and manage tools and processes to aid in software security testing activities (SAST, DAST, IAST).
• Provide security reviews and approvals as part of ticketed code-release workflows.
• Implement and manage automated vulnerability scanning tools in the development CI/CD pipeline.
• Champion the development, implementation, and operationalization of a Security Software Development Lifecycle (SSDLC).
• Document and communicate found issues to the developer or infrastructure teams.
• Work with the security team to identify methods to bolster threat detection and prevention based on discovered issues.
• Liaison with contracted third parties to perform application security assessments.
• Attend client meetings and respond to client questionnaires to address inquiries related to secure development practices.
  
  

• Bachelor’s degree in Computer Science, Information Security, or equivalent; or 5 years of comparable work experience.
• Security Certifications such as CISSP, C|ASE, GPEN, or OSCP.
• Professional experience in conducting application security assessments and penetration testing.
• Experience in working with .NET (C#), Python, and ASP.
• Professional experience with penetration testing tools (e.g., Burp Suite, ZAP, SQLMap).
• Experience deploying tools that integrate with CI/CD pipelines to automate vulnerability testing.
• Familiarity with the application of agile coding practices, OWASP, and the OWASP Testing Project, or other similar frameworks.