Senior Application Security Engineer
Cambridgeshire Based - 1-2 days a week onsite
We are looking for an experienced Senior Application Security Engineer to join our client's expanding Cyber Security team. This is an incredible opportunity to craft a world-class Application Security function, playing a critical role in embedding security within all stages of the development lifecycle.
What you'll be doing:
Becoming a key contributor to the Cyber team by focusing on application security architecture and implementing a robust risk management programme.
Collaborating closely with different teams to devise plans, perform threat modelling, adopt architecture best practices, drive secure development lifecycles, and manage risk remediation.
Providing expertise in security best practices and compliance while undertaking hands-on security testing.
Identifying application security risks and supporting requirements for new projects and system developments.
Representing the Cyber team during review sprints to ensure application security is prioritised before deployment.
Partnering with architecture and development teams to review application design and code for security vulnerabilities.
Establishing and promoting a threat modelling capability to evangelise secure coding practices in the development lifecycle.
Delivering technical advice to ensure security standards are fully understood and complied with across teams.
Developing and integrating security testing plans into the Secure Software Development Lifecycle (S-SDLC).
Performing and overseeing security testing while managing remediation plans for identified vulnerabilities.
What we're looking for:
Experience in Software Engineering and Application Security.
In-depth understanding of application security vulnerabilities, testing techniques, and familiarity with the OWASP framework.
Deep expertise in secure web application development and Agile development methodologies.
Exceptional communication and influencing skills, capable of collaborating effectively up to senior management levels.
Comprehensive knowledge of IT and information security disciplines, with an ability to promote and deliver security awareness initiatives.
Experience in working with the hacker/penetration testing community is desirable.
If you are passionate about driving secure-by-design initiatives and want to work in a team that values innovation and collaboration, we'd love to hear from you.
Please apply with a copy of your CV or email