Job Description

About TaskUs: TaskUs is a provider of outsourced digital services and next-generation customer experience to fast-growing technology companies, helping its clients represent, protect and grow their brands. Leveraging a cloud-based infrastructure, TaskUs serves clients in the fastest-growing sectors, including social media, e-commerce, gaming, streaming media, food delivery, ride-sharing, HiTech, FinTech, and HealthTech.

The People First culture at TaskUs has enabled the company to expand its workforce to approximately 45,000 employees globally.Presently, we have a presence in twenty-three locations across twelve countries, which include the Philippines, India, and the United States.

It started with one ridiculously good idea to create a different breed of Business Processing Outsourcing (BPO)! We at TaskUs understand that achieving growth for our partners requires a culture of constant motion, exploring new technologies, being ready to handle any challenge at a moment’s notice, and mastering consistency in an ever-changing world.

What We Offer:At TaskUs, we prioritize our employees' well-being by offering competitive industry salaries and comprehensive benefits packages. Our commitment to a People First culture is reflected in the various departments we have established, including Total Rewards, Wellness, HR, and Diversity. We take pride in our inclusive environment and positive impact on the community. Moreover, we actively encourage internal mobility and professional growth at all stages of an employee's career within TaskUs. Join our team today and experience firsthand our dedication to supporting People First.

We are looking for an enthusiastic and detail-oriented Associate - Application development Security to join our growing Security team. In this role, you will help ensure that security is embedded throughout the Software Development Lifecycle (SDLC) and support the implementation of our DevSecOps program. This position is ideal for individuals at the beginning of their career who are eager to gain hands-on experience in secure application development lifecycle, automated security testing, and modern DevSecOps practices and cloud security.
So what does an Application Development Security Associate really do? Think of yourself as someone who will do the application design reviews, security testing, critical code reviews, and Business document review, help in the remediation and mitigation of audit findings in adherence to standards and safe practices, conduct research on emerging practices, services, protocols, and standards in support of system security and compliance enhancement and development efforts. Work closely with the development team to build secure software.

Responsibilities:

Secure Software Development Lifecycle (SSDLC):
● Collaborate with developers and architects to incorporate security requirements during design and
development phases.
● Assist in building and maintaining secure coding guidelines and policies aligned with industry standards
(e.g., OWASP, NIST).
● Support threat modeling, risk assessments, and security design reviews for new applications and features.
● Participate in security-focused reviews during code commits, builds, and releases.

Security Testing & Vulnerability Analysis:
● Execute automated and manual security testing (SCA, SAST, DAST) across applications during development
and UAT phases.
● Should be able to perform Software Composition Analysis● Perform secure code review and tests on critical products and features
● Use security tools (e.g., Snyk, Burp Suite, Invicti) to identify, validate, and triage security vulnerabilities.
● Identify security flaws and suggest remediations based on Open Web Application Security Project
(OWASP) and other secure Software Development Life Cycle (SDLC) standards and frameworks.
● Support remediation efforts by working with developers to explain findings and recommend secure
alternatives.
● Maintain records of vulnerabilities, false positives, and mitigation strategies.

DevSecOps Integration
● Work with CI/CD pipelines to automate security checks and enforcement (e.g., GitHub Actions, Jenkins).
● Integrate and maintain tools such as SAST, SCA, DAST, container scanning, and secret detection in the
pipeline.
● Assist in monitoring and triaging vulnerabilities discovered during builds and deployments.

Security Awareness & Compliance
● Participate in security training and evangelize secure coding practices across development teams.
● Support the maintenance of security documentation, standards, and guidelines.
● Help ensure adherence to compliance requirements (e.g., OWASP Top 10, NIST, ISO 27001).

How We Partner To Protect You: TaskUs will neither solicit money from you during your application process nor require any form of payment in order to proceed with your application. Kindly ensure that you are always in communication with only authorized recruiters of TaskUs.

DEI: In TaskUs we believe that innovation and higher performance are brought by people from all walks of life. We welcome applicants of different backgrounds, demographics, and circumstances. Inclusive and equitable practices are our responsibility as a business. TaskUs is committed to providing equal access to opportunities. If you need reasonable accommodations in any part of the hiring process, please let us know.

We invite you to explore all TaskUs career opportunities and apply through the provided URLhttps://www.taskus.com/careers/