Aize, located in Kingswells, Scotland, United Kingdom, is seeking a Senior Application Security Engineer.
Responsibilities
Own Aize’s Application Security strategy, fostering a security-first culture across engineering teams.
Train developers on secure coding practices and address issues flagged by security tools like Snyk and Microsoft Defender.
Design, implement, and operate security tools, continuously improving secure SDLC processes.
Contribute to ISO 27001 compliance through threat modeling exercises, security architecture reviews, and architectural discussions.
Prioritize security initiatives based on risk assessments, threat landscape, business impact, and technical feasibility.
How You Will Do This
* Establish and enhance secure development processes.
* Collaborate with developers and coach on secure coding.
* React to threats and proactively prevent security issues.
* Work with devs, platform teams, and product managers to embed security at all stages.
* Balance addressing security debt in existing products with shaping secure design and integrating security tooling for new projects.
* Collaborate across disciplines to bring a strong security voice into daily operations.
Team
You will join a small, dynamic security team, working closely with other teams to develop and improve security practices, shaping the security culture.
Ideal Candidate
* Proactive, ownership-driven, adaptable to new situations.
* Experienced with SaaS cloud solutions, ideally Azure, and familiar with DevSecOps practices. Knowledge of Microsoft E5 security suite is a plus.
* Capable of handling security in both legacy and greenfield systems.
* Knowledge of OWASP Top 10, ASVS, threat modeling, and security architecture across languages like C#, React, Java, Python, Go, TypeScript/Angular.
* Strong understanding of web app and API security.
* Excellent collaborator with relationship-building and influencing skills.
* Experience with pentesting tools and security reviews.
What We Offer
* Competitive salary
* Hybrid work, flexible hours
* Equipment like MacBook or Windows laptop
* Pension contributions, travel expenses, insurance
* On-site private health clinic, regular check-ups
* Work environment supporting individuality
* Opportunities for professional growth through Guilds, training, and courses
* Vacation options, including stays at cabins in various locations
* Support for attending events and expanding knowledge
* Perks: phone plan, broadband, hardware, gym, social activities, meals, parties
Additional Details
* Seniority level: Not Applicable
* Employment type: Other
* Job function: Information Technology
* Industry: Software Development
#J-18808-Ljbffr