Overview
InfoSum is looking for an Application Security Engineer with strong application security testing skills and a solid understanding of cloud environments. In this role, you’ll be hands-on in testing and securing our SaaS platform, working closely with our developers to uncover vulnerabilities and ensure secure-by-design practices are embedded into our products.
This role is based in Basingstoke with two days a week onsite.
What you’ll do
* Perform application security testing across web apps, APIs, and supporting cloud infrastructure
* Carry out penetration testing and provide clear, actionable vulnerability reports
* Work closely with engineers (using Go and Node.js) to remediate security issues and integrate security best practices into the SDLC
* Contribute to threat modeling and risk assessments for new and existing features
* Develop or adapt security testing scripts and tools to improve automation and coverage
* Keep up-to-date with emerging application and cloud security threats and share insights with the wider team
* Evaluate and experiment with advanced security technologies such as Trusted Execution Environments (TEEs)
Requirements
* Proven experience in application security testing (SAST, DAST, penetration testing)
* Strong understanding of cloud security Fundamentals across major providers (AWS, Azure, GCP)
* Ability to code and review code in Go and Node.js
* Familiarity with common vulnerabilities (OWASP Top 10, API security risks) and secure coding practices
* Strong communication skills to clearly explain risks and collaborate effectively with developers
Benefits
* A competitive salary based on your experience and ability to perform in role
* 25 days annual leave (excluding bank holidays)
* Fantastic corporate discounts and mental wellbeing support via Perkbox, including an EAP
* Salary sacrifice schemes
Location and team culture
We have fantastic offices in Basingstoke and London with a fully stocked fridge, snacks, and catered lunches. The team enjoys monthly socials, seasonal perks, and a culture built on recognition, collaboration and success.
Seniority level
* Mid-Senior level
Employment type
* Full-time
Job function
* Analyst
Industries
* Technology, Information and Media
#J-18808-Ljbffr