Job Description
The AppSec / DevSecOps Engineer is responsible for ensuring the security of code development processes and applications, with a focus on both traditional and AI-driven solutions. This position will work closely with internal IT teams, internal customers, and external vendors, contributing to robust security practices and risk management across the organization.
- Define and implement security testing strategies for AI solutions, utilizing both grey box and black box methodologies.
- Grey Box Testing: Conduct Static Application Security Testing (SAST), dependency scanning, secrets scanning, Infrastructure as Code (IaC) scanning, and configuration reviews.
- Black Box Testing: Perform Dynamic Application Security Testing (DAST), API fuzzing, authentication testing, and rate-limit tests.
- AI-Specific Security Tests: Execute prompt injection checks, jailbreaking resistance assessments, tool misuse evaluations, and leakage tests...