Application Security Engineer
Lisburn, Northern Ireland
Full time permanent role, relocation welcome
Salary Circa £45,000 – 50,000/yr
My client believes in high quality engineering and design, allowing them to develop market leading products and services. They love creating value for customers by solving difficult problems. As of today, my clients operation spans over 20 countries and they are a global technology leader that operates with the vision of bringing revolutionary products to life for a wide range of industries, including power and rail, and has interests in a number of R&D projects in a variety of scientific sectors.
The Application Security Engineer will play a key role in establishing a secure software assurance process as part of ISO27001. This will involve embedding security into every stage of the development lifecycle, from requirements capture through to deployment. The application security engineer will work on the various platforms, collaborating with many stakeholders from Product, Software Engineers, QA Engineers, and IT, to improve and enhance the security of those platforms and applications.
- To work closely with application development, product and software QA Teams to implement software security that is tailored to the specific risks facing the organisation
- Gather security requirements and conduct risk assessments and threat modelling
- Introduce security tools and best practices for performing and automating security testing (SCA, SAST, DAST, IAST)
- Perform various aspects of security testing including penetration testing
- Provide training on secure application development and testing to software engineers and QA
- Provide guidance on the development of web-based training for ongoing awareness.
- Develop and maintain unit and integration tests designed to ensure security controls are tested on every build - Identify, assess, remediate, and document security risks and vulnerabilities
- Develop and maintain security processes and procedures, review code for security related issues and implement security related unit tests
What You Will Need to Succeed
- Minimum of 3 years’ experience in a technical role such as an Application Security Engineer or application developer, architect or QA
- Experience testing complex software systems and applications, and performing risk assessment and threat models
- Experience working within information security management system e.g. ISO27001
- Understanding of secure development principles, Agile and Continuous Integration/Testing/Delivery
- Knowledge of DevOps and DevSecOps
- Any AppSec certifications would be a plus - OSWE, OSWASP etc
- Thorough knowledge of the OWASP Top 10
- Familiarity with compliance standards e.g. GDPR, NIST, NERC CIP, IEC62443
- Experience using tools to perform SAST, DAST, SCA e.g. SonarQube
- Practical experience using of open source and commercial application security tools
- Understanding of social engineering methods and aspects
- Familiarity with continuous integration tools e.g. Jenkins or GitLab-CI
- Experience testing cloud hosted applicated e.g. in AWS
- Familiarisation of container security e.g. docker
- Familiarisation of Linux operating systems e.g. Ubuntu, Redhat, CentOS
- £45 - 50,000/yr
- Assistant Relocating
- Company Pension, Healthcare & Life Assurance Schemes
- On-site parking
- Flexible / Remote Working
- Subsidised Gym Membership & Wellness programmes
Kiota Recruitment are a newly founded Professional Search Agency with 17 years combined experience in supporting candidates across Multiple Skills & Industries, we are working on behalf of the client so apply and join us on our journey.
Remember: You should never send cash or cheques to a prospective employer, or provide your bank details or any other financial information for factors such as DBS clearance, uniforms or first aid training. We pay great attention to vetting all jobs that appear on our site, but please get in touch if you see any roles using premium rate phone numbers, or asking for payments or financial details from you. For more information on conducting a safe job hunt online, visit safer-jobs.com.