Job Location | South East England |
Education | Not Mentioned |
Salary | £80,000 - £108,000 per annum |
Industry | Not Mentioned |
Functional Area | Not Mentioned |
Job Type | Permanent, full-time |
Senior Application Security Engineer

Up to £108,000 base salary with excellent benefits.

Join a global multi-national vendor as part of the CISO's team, working closely with a small 5-person international Web Application security team with colleagues in the US and India.

You will perform application security assessments, penetration testing, threat modeling, and code reviews. You will also deliver security training for developers, and generally raise developer awareness of security best practices. You will work cross-functionally with your peers in the engineering organization.

Perform manual and automated security assessments (e.g. pen testing, code reviews, vulnerability scanning, etc.) to drive measurable security improvements in platforms and products. Review assessment reports and coordinate with engineering to ensure findings are remediated. Assist in implementing automated DevSecOps practices into product CI/CD pipelines and cloud environments.

You'll be an active participant in advocating for and improving security throughout the SDLC. Provide training and mentorship on secure coding best practices to engineering team members. Consult with development and operations teams to provide mentorship and recommend secure design patterns. Remain ahead of emerging and active threats: leverage pen testing tools, develop custom offensive and defensive tools, review and apply the latest security research / threat intelligence.

You will also deliver security training for developers, generally raise developer awareness of security best practices in India and the US, and become the subject matter expert on the Enterprise SaaS platform my client offers.

Need:
5+ years' experience in Application Security.
Experience with penetration testing web-based SaaS applications and systems operating out of Cloud infrastructure (AWS, GCP, Azure, etc.).
Experience in secure coding best practices and security code reviews in at least one of the following: Java, JavaScript, Go, C#, Python.
Knowledge of application-level attacks and mitigation methods, with a thorough understanding of OWASP top 10.
Knowledge of DAST, SAST, 3rd party dependency, and container image security scanning.
Understanding of compliance standards and how they impact software products and cloud operations.
General security and offensive security assessment certifications a plus: CISSP, CEH, OSCP, GPEN, etc.

Flexibility to work from home and office from time to time. Fantastic company culture with globally renowned products.

Send CV ASAP.

Required skills
Keyskills :
Application Security, Go, Java, Python, CEH, CISSP, OWASP, Penetration Testing, Security Analyst, DevOps, OSCP, SOC Analyst, GPEN, DevSecOps, application security assessments, threat modeling and code reviews.