Job Details
We are looking for a committed Application Security Engineer to strengthen the security measures of our applications developed with technologies such as React, Node.js, Java with Spring Boot, Python, and AWS. This role demands a proactive approach to maintaining and enhancing the security infrastructure to protect against current and future threats.
Primary responsibilities (not limited to)
1. Design and implement robust security frameworks for applications developed in React, Node.js, Java Spring Boot, and Python.
2. Perform security audits, code reviews, and comprehensive vulnerability assessments across various development environments.
3. Manage and secure AWS services, including API Gateway.
4. Integrate security tools into CI/CD pipelines using Jenkins and GitHub Actions, ensuring automated security checks throughout the development process.
5. Conduct white box penetration tests after each release to identify and resolve potential security vulnerabilities.
6. Respond to, investigate, and remediate security incidents and vulnerabilities within the application stack.
7. Develop, update, and maintain detailed security documentation outlining standards, procedures, and protocols.
8. Educate and guide development teams on best security practices and secure coding techniques.
Requirements
9. Bachelor’s degree in Computer Science, Information Security, or a related field.
10. Demonstrable experience in application security, particularly with React, Node.js, Java, Spring Boot, and Python.
11. Expertise in configuring and securing AWS environments, including API Gateway.
12. Proficient with CI/CD tools such as Jenkins and GitHub Actions for security integrations.
13. Experienced in conducting white box penetration tests and security assessments.
14. Strong knowledge of secure coding practices, ethical hacking, and threat modeling.
15. Excellent analytical, problem-solving, and communication skills.
Preferred Skills:
16. Security-related certifications (CISSP, CEH, OSCP).
17. Experience in regulated industries (financial, healthcare) is a plus.
18. In-depth knowledge of network security and cloud security best practices.
19. Experience with Infrastructure-as-Code (IaC) tools, particularly Terraform, to manage and provision infrastructure through code which enhances security automation.
All Stratos Market Limited employees must be eligible to work in United Kingdom.