Application Security Engineer

Full Time County Antrim IT Job Pro UK

Application Security Engineer

Lisburn, Northern Ireland

Full time permanent role, relocation welcome

Salary Circa £45,000 – 50,000/yr

Company Profile

My client believes in high quality engineering and design, allowing them to develop market leading products and services. They love creating value for customers by solving difficult problems. As of today, my clients operation spans over 20 countries and they are a global technology leader that operates with the vision of bringing revolutionary products to life for a wide range of industries, including power and rail, and has interests in a number of R&D projects in a variety of scientific sectors.

The Role

The Application Security Engineer will play a key role in establishing a secure software assurance process as part of ISO27001. This will involve embedding security into every stage of the development lifecycle, from requirements capture through to deployment. The application security engineer will work on the various platforms, collaborating with many stakeholders from Product, Software Engineers, QA Engineers, and IT, to improve and enhance the security of those platforms and applications.

Responsibilities

* To work closely with application development, product and software QA Teams to implement software security that is tailored to the specific risks facing the organisation

* Gather security requirements and conduct risk assessments and threat modelling

* Introduce security tools and best practices for performing and automating security testing (SCA, SAST, DAST, IAST)

* Perform various aspects of security testing including penetration testing

* Provide training on secure application development and testing to software engineers and QA

* Provide guidance on the development of web-based training for ongoing awareness.

* Develop and maintain unit and integration tests designed to ensure security controls are tested on every build – Identify, assess, remediate, and document security risks and vulnerabilities

* Develop and maintain security processes and procedures, review code for security related issues and implement security related unit tests

What You Will Need to Succeed

* Minimum of 3 years’ experience in a technical role such as an Application Security Engineer or application developer, architect or QA

* Experience testing complex software systems and applications, and performing risk assessment and threat models

* Experience working within information security management system e.g. ISO27001

* Experience with at least one programming language e.g. Javascript, Java

* Understanding of secure development principles, Agile and Continuous Integration/Testing/Delivery

* Knowledge of DevOps and DevSecOps

Desired

* Any AppSec certifications would be a plus – OSWE, OSWASP etc

* Thorough knowledge of the OWASP Top 10

* Familiarity with compliance standards e.g. GDPR, NIST, NERC CIP, IEC62443

* Experience using tools to perform SAST, DAST, SCA e.g. SonarQube

* Practical experience using of open source and commercial application security tools

* Understanding of social engineering methods and aspects

* Familiarity with continuous integration tools e.g. Jenkins or GitLab-CI

* Experience testing cloud hosted applicated e.g. in AWS

* Familiarisation of container security e.g. docker

* Familiarisation of Linux operating systems e.g. Ubuntu, Redhat, CentOS

Benefits

* £45 – 50,000/yr

* Assistant Relocating

* Company Pension, Healthcare & Life Assurance Schemes

* On-site parking

* Flexible / Remote Working

* Subsidised Gym Membership & Wellness programmes

Kiota Recruitment are a newly founded Professional Search Agency with 17 years combined experience in supporting candidates across Multiple Skills & Industries, we are working on behalf of the client so apply and join us on our journey

To apply for this job please visit itjobpro.co.uk.