IO Associates are helping one of Europe's leading Tech firms recruit an Application Security Engineer for their office in Bristol.
Role: Application Security Engineer
Salary: £45,000 - £60,000 + Great Benefits
● Avoid/remediate common security issues.
● Evaluate new products.
● Initiate escalation/mitigation procedures to counteract potential threats/vulnerabilities.
● Examine and testing the security of the platform and infrastructure, somewhat in the manner of an ethical hacker.
● Serve as primary resource and functional/technical expert to team members; providing them with guidance and being available to answer questions to clarify the work activities.
● Provide reporting on service status and pertinent threats to the environment.
● Review and advise on application architecture and designs.
● Embed security into the development life cycle, and showing continued value by quantifying risk and enabling informed product decisions which balance commercial and security concerns.
● Secure coding practices and the OWASP Top 10.
● Producing/consuming Web/REST/SOAP APIs.
● Security as part of the Software Development Lifecycle (SDLC).
● Developing security features.
● Agile methodologies (Kanban, Scrum).
● CI/CD Pipelines (Jenkins, TeamCity, Bamboo etc.)
● Shipping software to production
● Scripting (.Net, Python, Ruby, NodeJs, Bash, PowerShell, Perl etc.)
● HTTP, SSL/TLS, SOAP, and reverse proxies.
● Databases (including SQL and NoSQL) on Windows or Linux
● DevOps in a cloud environment.
● Writing tools and integrations to produce metrics on application security so that we can quantify risk and show improvement.
● Static code analysis (SAST) software or services.
● Automating security testing of applications and integrating security automation into the software lifecycle.
● Static and dynamic security testing (SAST/DAST) including code scanning, hands on targeted
AVAs and ethical hacking.
● Automating security testing.
● Security infrastructure tools e.f. IDS/IPS, WAF etc.
● Amazon Web Services (AWS) Environments.
● Cloud Services
● Penetration testing & Ethical hacking.
Interested? Please get in touch!