APPLICATION SECURITY ENGINEER
£60–65,000 + 15% Bonus + Excellent Staff Benefits including Strong Pension, Life Assurance
Hybrid Working (2 Days per Week Onsite)
An interesting opportunity has presented itself within one of the UK’s largest Independent Software Based Organisations who are one of a major driving forces behind Innovative Development of Enterprise-Led Internet Technology.
They are now looking for an Application Security Engineer to join their existing & high performing In–House Security Team of 35 Staff including SOC & Cyber Analysts through to Experienced Cyber Security Engineers & Security Architects.
As an AppSec Engineer you will focus on the technical side of IT Security, specifically looking at Application Security & Code Analysis, ensuring their Applications are Built Securely.
The Information & Cyber Security Team deal with the Security of Closed-Sourced, Open-Source & In-House Developed Applications ensuring that All Systems & Services are Built with Privacy & Security by Design.
You will be working closely with the Software Development Team, to confirm that Application Based Vulnerabilities are Understood & Mitigated meaning that Code Reading Skills are also desirable.
Skills & Experience of the AppSec Engineer role:
- Hands-On Experience with Security Assessment Tools & Techniques including Penetration Testing & Code Review.
- Use of Planned, Structured Methodologies for Conducting & Reporting on Web Application Penetration Testing.
- Understanding & Demonstrable Experience of Automated, Dynamic & Static Application Security Testing Tools, as well as Manual Security Testing to find Vulnerabilities & Logical Issues.
- Broad Understanding of SDLC & Technology Functions and how they relate to Information Security.
- Understanding of Industry Standard Information Security Practices.
- Ideally Offensive Security Certified Professional (OSCP) Certification (or similar is Desirable but Not Essential).
- Strong Communication Skills & High Attention to Detail.
Main Responsibilities of the Application Security Engineer will include:
- Completing Comprehensive Security Vulnerability Analysis & Assessments of Software Applications & Providing Actionable Recommendations for Remediation.
- Supporting the Project Process to ensure that Information Security aspects are considered up front and throughout the Project Lifecycle.
- Taking Responsibility for the Security of Tested Products within Project Context.
- Conducting Manual & Automated Source Code Reviews.
- Contributing to & Utilising Security Testing Methodologies, Creating & Updating Technical Documentation as necessary.
- Liaising with Software Development Department to ensure Security is considered throughout SDLC.
- Identifying any Security Issues within the Business’s Software and Manage through Liaising with External Stakeholders as & when necessary.
Searches: AppSec / Application Security / SDLC / Software Application Security / Application Security Engineer / Cyber Security Engineer
If you possess the drive and relevant experience to deliver tangible results aligned with our Client’s needs, reach out. We embrace DE&I and welcome Applications from Underrepresented Groups, Minorities, Women in Cybersecurity, Neurodiverse Individuals, LGBTQ+ Community Members, Veterans and those from Diverse Socioeconomic Backgrounds.
