Senior Application Security Engineer

I'm currently working with a market leading Data Consultancy who provide a variety of insights and services across a multitude of markets, ranging from Finance to Real Estate, and more. They're looking for a Senior Application Security Engineer who will be able to come in and provide analysis of vast amounts of technical/non-technical data in order evaluate the likelihood of any security vulnerabilities, as well as assess any potential impacts they may have, and then act quickly to ensure they are resolved.

This role is very heavily based around the SDLC, and will require you to be hands-on, so the ability to read and analyse code is a MUST.

This role is an absolutely essential for my client, and filling it swiftly is of the utmost priority for them, so applicants with shorter notice periods would be preferred.

Responsibilities:

• Collaborate and work closely with software engineering, product management, QA and testing teams to raise the security of our applications and software development lifecycle (SDLC) processes
• Maintain own's awareness of trends in security threats, attacks, technologies, controls and regulations
• Be able to standards and security practices in the SDLC domain
• To collaborate with our software development teams to create and improve standards and security practices in the SDLC
• Work with existing teams (e.g. Software engineering teams) and enterprise systems and procedures to quickly assess and process the most appropriate next action when presented with various pieces of data and information relating to information security
• Determine the severity of security vulnerabilities and alerts in the AppSec domain, assess potential impacts, recommend next steps, follow through with risk treatment and mitigation
• Present to senior and executive management on the status of our security controls (focus on AppSec), on our company's security posture and on the progress of our security plan
• Ability and willingness to work from time to time as Security Analyst On-Call (AOC) escalation point outside of normal business hours (Note: we have an outsourced 24x7 SOC provider)

Additional Requirements:

• Good understanding and demonstrable hands-on experience with techniques, tools and practices pertaining to securing the SDLC (Software Development Life Cycle)
• Programming, scripting, software development experience / software testing, QA experience
• Experience with identifying and dealing with software / code and deployment vulnerabilities
• Ability to read, understand and create code, understand logs and alerts, to use specialist tools (Cloud native and 3rd party), as well as programming / scripting languages (e.g. Python, C#, JS, Shell, PowerShell, etc), to automate tasks, to enable security at speed and scale
• Good written and verbal communication, analysis and collaborative skills
• Poise and ability to act calmly and competently in high-pressure situations (e.g. during an incident)

Benefits:

• Competitive salary
• 25 days' holiday, with optional 5 days unpaid leave per year
• Free parking
• Annual lifestyle allowance of £300 to put towards an activity of your choice
• Cycle to Work scheme and Gym Flex scheme
• Internal coaching/mentoring system throughout your time here
• Focus on training and career progression
• Family friendly policies
• Happy to talk about flexible working

📍This opportunity is primarily remote, with a requirement for occasional office attendance required, with offices being based in Exeter / Reading / Kent / Various Other Locations.

❌️Sponsorship is unfortunately NOT being offered with this role so you MUST also be UK BASED and have VALID RIGHT TO WORK.

How to Apply:
If you are interested in these roles and would like to know more, or know anybody else who might, then please contact me using the details below or apply via the link provided:

☎️01174090748
📧