**Experience:** 3+ years (application/infrastructure security)

**Role summary**

Own offensive testing and hardening: continuous security in CI/CD, threat-model support, penetration testing, and remediation against OWASP and industry security standards.

**Key responsibilities**

- Run application and API penetration tests across mobile, web, and microservices; produce findings with severity and remediation guidance.
- Wire and tune **SAST, DAST, SCA, IaC scanning, and secret scanning** as CI/CD gates; manage the vulnerability lifecycle.
- Support **STRIDE threat modeling** during design and verify controls against **OWASP Top 10** and **ASVS**.
- Harden infrastructure and configurations (API gateway/WAF, TLS, encryption at rest, KMS/HSM key handling, network baselines).
- Support SIEM integration, immutable audit logging, and incident-response runbooks.
- Validate remediation and produce penetration-test / compliance reports.