Senior Application Security Engineer
Cambridgeshire Based - 1-2 days a week onsite
Overview
We are looking for an experienced Senior Application Security Engineer to join our client's expanding Cyber Security team. This is an incredible opportunity to craft a world‑class Application Security function, playing a critical role in embedding security within all stages of the development lifecycle.
Responsibilities
* Becoming a key contributor to the Cyber team by focusing on application security architecture and implementing a robust risk management programme.
* Collaborating closely with different teams to devise plans, perform threat modelling, adopt architecture best practices, drive secure development lifecycles, and manage risk remediation.
* Providing expertise in security best practices and compliance while undertaking hands‑on security testing.
* Identifying application security risks and supporting requirements for new projects and system developments.
* Representing the Cyber team during review sprints to ensure application security is prioritised before deployment.
* Partnering with architecture and development teams to review application design and code for security vulnerabilities.
* Establishing and promoting a threat modelling capability to evangelise secure coding practices in the development lifecycle.
* Delivering technical advice to ensure security standards are fully understood and complied with across teams.
* Developing and integrating security testing plans into the Secure Software Development Lifecycle (S‑SDLC).
* Performing and overseeing security testing while managing remediation plans for identified vulnerabilities.
Qualifications
* Experience in Software Engineering and Application Security.
* In‑depth understanding of application security vulnerabilities, testing techniques, and familiarity with the OWASP framework.
* Deep expertise in secure web application development and Agile development methodologies.
* Exceptional communication and influencing skills, capable of collaborating effectively up to senior management levels.
* Comprehensive knowledge of IT and information security disciplines, with an ability to promote and deliver security awareness initiatives.
* Experience in working with the hacker/penetration testing community is desirable.
If you are passionate about driving secure‑by‑design initiatives and want to work in a team that values innovation and collaboration, we'd love to hear from you.
Please apply with a copy of your CV or email.
#J-18808-Ljbffr