Senior Application Security Engineer
Cambridgeshire Based - 1-2 days a week onsite
We are looking for an experienced Senior Application Security Engineer to join our client's expanding Cyber Security team. This is an incredible opportunity to craft a world-class Application Security function, playing a critical role in embedding security within all stages of the development life cycle.
What you'll be doing:
* Becoming a key contributor to the Cyber team by focusing on application security architecture and implementing a robust risk management programme.
* Collaborating closely with different teams to devise plans, perform threat modelling, adopt architecture best practices, drive secure development life cycles, and manage risk remediation.
* Providing expertise in security best practices and compliance while undertaking hands-on security testing.
* Identifying application security risks and supporting requirements for new projects and system developments.
* Representing the Cyber team during review sprints to ensure application security is prioritised before deployment.
* Partnering with architecture and development teams to review application design and code for security vulnerabilities.
* Establishing and promoting a threat modelling capability to evangelise secure coding practices in the development life cycle.
* Delivering technical advice to ensure security standards are fully understood and complied with across teams.
* Developing and integrating security testing plans into the Secure Software Development Lifecycle (S-SDLC).
* Performing and overseeing security testing while managing remediation plans for identified vulnerabilities.
What we're looking for:
* Experience in Software Engineering and Application Security.
* In-depth understanding of application security vulnerabilities, testing techniques, and familiarity with the OWASP framework.
* Deep expertise in secure web application development and Agile development methodologies.
* Exceptional communication and influencing skills, capable of collaborating effectively up to senior management levels.
* Comprehensive knowledge of IT and information security disciplines, with an ability to promote and deliver security awareness initiatives.
* Experience in working with the hacker/penetration testing community is desirable.
If you are passionate about driving secure-by-design initiatives and want to work in a team that values innovation and collaboration, we'd love to hear from you.
Please apply with a copy of your CV or email - (see below)