From one of my quora answers What jobs in the information security realm require strong development skills? By development skills if you mean application development skills then yes what Andrew Olson pointed out seems correct, You can use those skills during the static analysis code review. Code review has always been part of security engineering in most of the organizatons. When you come to offensive security you should have strong development skills as you will be developing exploits in order to publish or test the vulnerabilities. Skills that you need at this level are completely differnt from the application development skills which is largely based on Language and thrid part libraries available in the language. Its kind of hard to segregate responsibilities based on the job role but let me try and list some for you Information security engineer (Application Security) - Code Review(Both manual and automated using the tools), Should have good knowledge of the frameworks
An active citizen of great Indian Republic