I'm currently working with a market leading Data Consultancy who provide a variety of insights and services across a multitude of markets, ranging from Finance to Real Estate, and more. They're looking for a Senior Application Security Engineer who will be able to come in and provide analysis of vast amounts of technical/non-technical data in order evaluate the likelihood of any security vulnerabilities, as well as assess any potential impacts they may have, and then act quickly to ensure they are resolved.

This role is very heavily based around the SDLC, and will require you to be hands-on, so the ability to read and analyse code is a MUST.

This role is an absolutely essential for my client, and filling it swiftly is of the utmost priority for them, so applicants with shorter notice periods would be preferred.

Responsibilities:

Collaborate and work closely with software engineering, product management, QA and testing teams to raise the security of our applications and software development lifecycle (SDLC) processes
Maintain own's awareness of trends in security threats, attacks, technologies, controls and regulations
Be able to standards and security practices in the SDLC domain
To collaborate with our software development teams to create and improve standards and security practices in the SDLC
Work with existing teams (e.g. Software engineering teams) and enterprise systems and procedures to quickly assess and process the most appropriate next action when presented with various pieces of data and information relating to information security
Determine the severity of security vulnerabilities and alerts in the AppSec domain, assess potential impacts, recommend next steps, follow through with risk treatment and mitigation
Present to senior and executive management on the status of our security controls (focus on AppSec), on our company's security posture and on the progress of our security plan
Ability and willingness to work from time to time as Security Analyst On-Call (AOC) escalation point outside of normal business hours (Note: we have an outsourced 24x7 SOC provider)

Additional Requirements:

Good understanding and demonstrable hands-on experience with techniques, tools and practices pertaining to securing the SDLC (Software Development Life Cycle)
Programming, scripting, software development experience / software testing, QA experience
Experience with identifying and dealing with software / code and deployment vulnerabilities
Ability to read, understand and create code, understand logs and alerts, to use specialist tools (Cloud native and 3rd party), as well as programming / scripting languages (e.g. Python, C#, JS, Shell, PowerShell, etc), to automate tasks, to enable security at speed and scale
Good written and verbal communication, analysis and collaborative skills
Poise and ability to act calmly and competently in high-pressure situations (e.g. during an incident)

Benefits:

Competitive salary
25 days' holiday, with optional 5 days unpaid leave per year
Free parking
Annual lifestyle allowance of £300 to put towards an activity of your choice
Cycle to Work scheme and Gym Flex scheme
Internal coaching/mentoring system throughout your time here
Focus on training and career progression
Family friendly policies
Happy to talk about flexible working

📍This opportunity is primarily remote, with a requirement for occasional office attendance required, with offices being based in Exeter / Reading / Kent / Various Other Locations.

❌️Sponsorship is unfortunately NOT being offered with this role so you MUST also be UK BASED and have VALID RIGHT TO WORK.

How to Apply:
If you are interested in these roles and would like to know more, or know anybody else who might, then please contact me using the details below or apply via the link provided:

☎️01174090748
📧