Application Security Engineer (Penetration Testing) - Flexible/Remote

  • Trs 24/7 Solutions Limited
  • Chelmsford, UK
  • Oct 16, 2020

Job Description

The Client:

A big part of their culture is openness, transparency, and diversity. They are driving to publish more of their work to the wider community. Have closer engagement and collaboration with their customers and partners. They aim to find diverse and talented individuals, from all parts of the world, walks of life and previous industry experience.

The talented candidate will work in their Information Security Team. The Application Security Engineer will help analysing the security of software design and implementation and on identifying and resolving security issues. The engineer will also be involved at all stages of the Product Life Cycle, from design to secure coding and development, testing and development stages and involved with all their security champions to make sure their products are secure.

Tech Stack: Threat Modelling, Risk Assessment, Dynamic and Static code Analysis, Compliance management, Python, Vulnerability scanning, Pentesting.

Duties and Responsibilities

A mix of product and operation engineering to facilitate:

  • Threat Modelling and Risk management
  • Monitoring of application and cloud infrastructure.
  • Static and Dynamic code analysis
  • Pentesting and vulnerability scanning
  • Maintain Projects and technical documentation
  • Develop a familiarity with new security tools and best practises

Skills you may have, or will learn

  • AWS and Azure Technologies
  • Static and Dynamic code analysis
  • Threat modelling, Risk Assessment
  • Strong software engineering principles
  • Automation
  • Python, Jupyter, GitHub

Helpful Knowledge and Experience

  • Familiar with Cloud Security issues, MUST have deep understanding of OWASP Top 10 with proven track record and experience in implementing and integrating remediation strategies
  • Ability to educate Developers on application security best practises and secure coding techniques
  • Drive security into the software development lifecycle by performing security threat modelling, risk assessment, and vulnerability management and working with our cloud and core teams to implement mitigations and resolutions.
  • Knowledge of compliance standards GDPR, NIST, ISO27001,
  • Monitoring and Logging - Data dog, Azure security centre
  • Python, Go, Powershell, Bash.
  • Strong Azure or AWS knowledge and Azure (at least one of them)
  • Comfortable with Agile development practices and have strong programming ability in at least one programming language, and one scripting language. We use Python, , Javascript/, GIT
  • Advantage for Security Cleared UK and US nationals.

Salary and Benefits

  • A competitive salary and benefits package.
  • Some benefits include private health care, pension contribution, and an options programme.
  • Flexible and remote working options...... click apply for full job details