Application Security Engineer - London

10% bonus - IT/Information/Cyber Security
Ref: 147 Date Posted: Monday 28 Nov 2022
LinkedIn ShareShare
Company:           Media
Location:             London – Hybrid (3 days/week in the office)
Salary:                 Salary: £90,000 max
      Bonus: 10%
The Role
Operate the Product Security Life Cycle, consulting with product teams, capturing architecture designs, threat modelling, organising penetration tests, assisting with remediation of penetration test results and working with GRC to manage the risk lifecycle.
You will be responsible for the development and maintenance of application security pipeline automation, currently using CircleCI and python. You will partner with development engineering teams to implement required product security tooling, controls and technical requirements.
Day to day:
•             Follow a documented approach to application security producing evidence for the development team and audit
•             Ensure the risk level for products is in concordance with business requirements.
Knowledge we are looking for:
•             Software Development
•             Application Security techniques
•             Threat modeling
•             Python and Node.
•             Penetration testing process and reports
•             AWS and GCP
•             Digital security/authentication (0Auth, OAuth2, OpenID Connect, JWT)
•             Dev tools experience (git, jenkins, maven)
•             Security Testing tools: snyk, checkmarx, nikto, npm
•             Agile (Jira)