Application Security Engineer
Ensure you read the information regarding this opportunity thoroughly before making an application.
Salary - £70-75k + 10% Bonus + Benefits
Location – Cambridge (1 day per week)
Newly created Application Security Engineer role with a Major Tech organization undergoing a really exciting security transformation to a truly cloud-native infrastructure estate.
Working alongside the wider Engineering departments, you'll be responsible for championing the Secure Development Lifecycle across the wider Engineering departments, ensuring security and privacy are built in and incorporated to everything at the design stage; leading in the integration of SAST tooling into the pipeline and secure developer training, as well as developing security architecture design patterns and standards.
This is a crucial hire where they need someone who can blend a very hands-on, technical security engineering skill-set in AWS, with the ability to collaborate and work with wider departments and senior stakeholders to translate technical security concepts into their language.
Responsibilities
Perform hands-on security threat modelling of new technology and applications, ensuring everything is secure and in-line with in-house security standards / infrastructure – integrating with SAST with IAC.
Work closely with Development teams to ensure security and privacy are built in by design, promoting a secure development lifecycle culture across the business.
Promote a security focused culture across the organization, working with different technical and non-technical teams to champion security as an enabler.
Requirements
Significant experience working as a Application Security Engineer in cloud-native (AWS) environments with an in-depth knowledge of Infrastructure as Code, Containers and CI/CD concepts.
In-depth knowledge of SAST/DAST tooling and concepts and how best to utilize it to enhance the Vulnerability Management and wider IAC capabilities.
Significant knowledge of AWS environments and implementing AWS Well Architected Security pillar.
Experience building and fine-tuning security tooling to be deployed in cloud environments.
Strong proficiency in coding/scripting/development languages – Python and Terraform in particular.