Job Description

Who are we?

Checkmarx is the leader in application security and ensures that enterprises worldwide can secure their application development from code to cloud. Our consolidated platform and services address the needs of enterprises by improving security and reducing TCO, while simultaneously building trust between AppSec, developers, and CISOs. At Checkmarx, we believe it’s not just about finding risk but remediate it across the entire application footprint and software supply chain with one seamless process for all relevant stakeholders.

We are honored to serve more than 1,800 customers, which includes 40 percent of all Fortune 100 companies including Siemens, Airbus, SalesForce, Stellantis, Adidas, Wal-Mart and Sanofi.

We’re excited to expand our global presence with the opening of a new site in Pune, India—an innovation hub designed to attract top talent and fuel the future of application security. Joining our Pune team means working on cutting-edge technologies in cloud, DevSecOps, AI-driven security and being part of a high-impact engineering culture where your code helps secure the software that powers the world.

What are we looking for?

Checkmarx, a leader in the application security testing market, actively seeks talented application security engineers (AppSec Eng.) to support Checkmarx Global Services and our customers. The perfect candidate has a robust background in software development and application security.

How will you make an impact?

• Support some of our top-tier customers in conducting security-focused code reviews using the Checkmarx Platform.
• Support customer's AppSec and Dev Teams with mitigation advice for identified vulnerabilities.
• Research and create proof-of-concept based on identified vector attacks.

Daily and monthly responsibilities:

• Conduct security-focused static code and software composition analysis on top of a broad range of development languages and open-source libraries.
• Support customer AppSec/Dev teams with mitigation strategy/advice for identified vulnerabilities.
• When required, create proofs-of-concept that can illustrate a given vulnerability's exploitability.
• When needed, support AppSec/Dev teams in analyzing application architecture.
• Support less experienced engineers in ramping up their AppSec technical skills;

Requirements

• Bachelor's degree in computer science or another highly technical scientific discipline.
• +7 years experience in one or more high-level programming languages like Java, .Net, Go, Python, etc.
• +7 years experience in security-focused code review covering some market standards AppSec Frameworks like OWASP Web/API/Mobile Top 10, PCI-DSS, etc.
• Deep understanding of large enterprise-grade systems and architectures, as also as modern development paradigms.
• A proactive approach to spotting problems, areas for improvement, and performance bottlenecks.
• Strong technical aptitude - being able to pick up technical concepts rapidly is required.
• Highly motivated self-starter.
• Fluent in English (++ for other languages).
• For security related certifications
• for proven experience with security-focused code review using Checkmarx technologies

The fine print:

• Work from office/home (hybrid).
• Some international travel required (less than 10%)

What we have to offer

None