Application Security Engineer

Job type:
on-site
Start date:
01/2021
Duration:
6 Months
From:
Source Technology Ltd.
Location:
England
Published at:
01/27/2021
Country:
flag_no United Kingdom
Project ID:
2037163

Warning
This project has been archived and is not accepting more applications.
Browse open projects on our job board.
Application Security Engineer

Security Engineer who will be responsible for implementing DevSecOps best practices across multiple engineering teams, as well as collaborating and communicating with security expert peers across multiple sites to help implement best practices across the engineering organisation providing security subject matter expertise and education, and fostering security mindset within engineering. This is a hands-on role also responsible for implementation of security tools and resolving vulnerabilities.

Role
  • Implement consistent DevSecOps best practices
  • Lead threat modelling and security design reviews with engineering teams, provide subject matter expertise in resolving complex security problems
  • Identify opportunities for automation, partner with engineering and security team on implementing automation
  • Develop and support development of security testing and validation tooling
  • Resolve and review resolution of security vulnerabilities as needed
  • Improve secure coding practices, application security requirements, automation, training, and metrics
  • Contribute to, and assist in updating relevant application security training for engineering teams
  • Help to continuously improve our penetration testing strategies


Skills/Experience
  • Significant experience in cloud security architecture and infrastructure
  • Experience with Jenkins, Docker, Kubernetes and AWS
  • Strong Python skills
  • Familiarity with micro service architecture and networking
  • Hands-on knowledge of information security processes such as security design review, threat modelling, OWASP Top 10, risk analysis, and software testing techniques
  • Excellent understanding of web applications, web servers, layer 7 application technologies, frameworks and protocols with respect to application development and deployment
  • Experience with code analysis tools
  • Ability to effectively present and communicate security threats and risks to any audience and impress upon them the mitigation techniques and strategies


If you are interested in this opportunity please apply online with a CV, or alternatively reach me direct on