Application Security Engineer

Simply Business
Job LocationUK
Job TagFull Time

Location: London, England (UK)

Description:

You could be helping us stay ahead of the latest threats by collaborating with technology teams to strengthen our security. This role is based in the broader Information Security Team, and you’ll be reporting into Divya (Application Security Lead) alongside another two Application Security Engineers. 

We are an award winning InfoSec team who pride ourselves on our friendly and collaborative approach. Not only that, but you will be joining one of the most gender diverse teams in your field.

Responsibilities:

  • Work with the rest of the application security team to identify security risks in the SDLC pipeline
  • Assess and implement tools to mitigate the risks identified
  • Create documents such as application security metrics, policies, procedures, standards, guidelines, and training
  • Coach development teams on secure development practices and vulnerability management
  • Conduct threat modelling to ensure that effective controls are part of the product deliverables
  • Undertake code reviews and pentesting (external and/or internal)

Qualifications:

  • Knowledgeable about software development – ideally though having done the role yourself or from working closely with developers
  • Understanding of cyber security risk and experience of managing risks throughout SDLC
  • Knowledgeable when it comes to the OWASP top 10 security risks and experience with SAST and DAST tools
  • Experienced in performing code reviews (familiarity with JavaScript and Ruby preferred)
  • Knowledgeable about web technology and protocols such as HTTP, HTTPS, HTML, JavaScript, XML, WebSockets and  JSON
  • Lifelong learner in developing deep knowledge of the latest cyber and application security risks 

Cybersecurity: Industry Professionals Share Tips and Tidbits

Two industry professionals from the Cybersecurity industry joined us for a webinar on Determining Which Cybersecurity Work Environment is Right for You. Read along as we highlight some key takeaways from that conversation where they discuss their work environments, workflows, and cultural impact.

Related Industries: Cybersecurity
Hand typing on keyboard.

STEM: Industry Professionals Share Tips and Tidbits

On International Women’s Day, a few of the ladies from Nike joined us for a discussion on women in STEM. Learn more about some of the key takeaways from breakout room sessions on Overcoming Barriers and International Work as a Woman in STEM.

Related Industries: Coding, Cybersecurity, Data, FinTech, Product Management, Project Management
A woman stands in a lab coat.