Application Security Engineer

Apply Now
Company
Roka Search
Job location
London, UK
Salary
Undisclosed
Posted
Hosted by
Adzuna
rezi_2024_august_sidebar

Job details

Job Title : Application Security Engineer Location : London / Remote with Flexible Working Arrangements Salary : Up to £80k per annum About the Role As an Application Security Engineer, you will play a critical role in ensuring the secure development of software across a global FinTech organisation. Working closely with software development, infrastructure, and business teams, you will help embed security practices into every stage of the software development lifecycle. You will also be responsible for threat modelling, automating security testing, and configuring security defences like Web Application Firewalls (WAF). This role is well-suited for an individual with strong technical expertise in application security and excellent communication skills. Key Responsibilities Integrate Security Practices : Collaborate with development teams to embed security into the software development lifecycle, promoting a shift-left security culture. Security Automation : Configure and manage security tools in CI/CD pipelines (e.g., GitLab, Jenkins) to automate security testing. Threat Modelling : Conduct threat modelling exercises with development and architecture teams to identify and mitigate potential risks early. WAF Configuration & Defence : Configure Web Application Firewalls (WAF) and other security defences, particularly using Akamai technologies. Monitoring & Incident Response : Build proactive monitoring tools and automation for security events, and support incident response efforts. Security Training & Advocacy : Deliver training on security best practices and tools, and write accessible documentation for security guidelines across the organization. Collaboration & Communication : Work cross-functionally with other teams to communicate security requirements and foster an inclusive security culture. Required Skills & Experience Application Security Experience : Proven experience in application security, with knowledge of security best practices and risk mitigation strategies. CI/CD Expertise : Proficiency with CI/CD pipeline tools such as GitLab, Jenkins, Azure DevOps, or GitHub Actions for security automation. Programming & Scripting : Ability to read and write code in languages such as Java, Python, JavaScript, and script in languages like Bash or PowerShell. Cloud Security Knowledge : Experience with cloud infrastructure (preferably Azure) and security measures in cloud environments. Security Tooling : Experience with common Application Security tools such as SAST, DAST, SCA, and IaC security scanning. Web Application Firewalls : Experience configuring and managing WAFs, particularly using Akamai. Relevant security certifications such as CompTIA Security, CEH (Certified Ethical Hacker), CISSP (Certified Information Systems Security Professional), or equivalent. Desirable Skills Threat Intelligence : Familiarity with OWASP Top 10, MITRE ATT&CK, and other threat frameworks, and their application to business risk management. Containerisation & Orchestration : Knowledge of Docker and Kubernetes for securing containerized applications. Agile Methodology : Experience working in agile teams, using tools like Jira for tracking and development. Soft Skills Communication : Excellent written and verbal communication skills, with the ability to explain complex security concepts in simple terms. Collaboration : Strong team player, capable of working collaboratively across departments and with diverse teams. Problem-Solving : Adept at troubleshooting security issues, identifying root causes, and implementing innovative solutions.
Apply Now
Other Jobs
Loading...
Get the freshest news and resources for developers, designers and digital creators in your inbox each week
Loading form
Start Free Trial
Connect
RSSFacebookInstagramTwitter (X)
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
© 2000 - 2024 SitePoint Pty. Ltd.