Here’s what you’ll be doing:
You could be helping us stay ahead of the latest threats by collaborating with technology teams to strengthen our security. This role is based in the broader Information Security Team, and you'll be reporting into Divya (Application Security Lead) alongside another two Application Security Engineers.
We are an award winning InfoSec team who pride ourselves on our friendly and collaborative approach. Not only that, but you will be joining one of the most gender diverse teams in your field.
As one of our Application Security Engineer, you’ll:
- work with the rest of the application security team to identify security risks in the SDLC pipeline
- assess and implement tools to mitigate the risks identified
- create documents such as application security metrics, policies, procedures, standards, guidelines, and training
- coach development teams on secure development practices and vulnerability management
- conduct threat modelling to ensure that effective controls are part of the product deliverables
- undertake code reviews and pentesting (external and/or internal)
We’re looking for someone who is:
- knowledgeable about software development - ideally though having done the role yourself or from working closely with developers
- understanding of cyber security risk and experience of managing risks throughout SDLC
- knowledgeable when it comes to the OWASP top 10 security risks and experience with SAST and DAST tools
- experienced in performing code reviews (familiarity with JavaScript and Ruby preferred)
- knowledgeable about web technology and protocols such as HTTP, HTTPS, HTML, JavaScript, XML, WebSockets and JSON
- a lifelong learner in developing deep knowledge of the latest cyber and application security risks
Sign up for the chance to get matched to this role, and similar opportunities.
.png){kind=logo}