On February 28, 2023, the USAID Project “Cybersecurity of Ukraine's Critical Infrastructure” held a webinar “Who is an Application Security Engineer and How to Become One?”. More than 82 participants, including 60 students from 14 universities, joined the online event.
The Project invited private sector representatives, such as Oleh Poligenko, Director of Cybersecurity at Nova Poshta Digital, and Vitaliy Balashov, Head of Cybersecurity Engineers at EPAM, as keynote speakers to the webinar. The speakers shared their experience with the key skills and abilities needed to build a successful career as an Application Security Engineer.
Oleg Poligenko told the webinar participants about the main professional responsibilities of an Application Security Engineer, namely, ensuring the security of the software development life cycle, analyzing and testing source code, modelling threats of varying degrees of criticality, checking software for compliance with requirements, methodologies and recommendations for cybersecurity, conducting audits and preparing technical tasks and specifications for the development, correction and improvement of applications.
Vitaliy Balashov described one day of work as an Application Security Engineer at the company and spoke about the peculiarities of employment in this profession. He emphasized that most employers are looking for candidates with theoretical knowledge and practical experience. One way to get an Application Security Engineer internship is to analyze open-source applications on the GitHub platform. Many social and volunteer projects now involve volunteers in testing their programs, which can be good practice for students.
The speaker noted another advantage in employment - certificates of specialized courses or training that confirm a specialist's level of knowledge and skills, which is an essential criterion for employers.
The USAID Cybersecurity of Ukraine's Critical Infrastructure Project will continue to conduct webinars for students on opportunities to build a career path in cybersecurity and establish connections between graduates and critical infrastructure operators.
