Senior Application Security Engineer

Posted 5 hours 6 minutes ago by Investigo Change Solutions

£80,000 - £90,000 Annual
Permanent
Not Specified
Other
Cambridgeshire, United Kingdom
Job Description

Senior Application Security Engineer

Cambridgeshire Based - 1-2 days a week onsite

We are looking for an experienced Senior Application Security Engineer to join our client's expanding Cyber Security team. This is an incredible opportunity to craft a world-class Application Security function, playing a critical role in embedding security within all stages of the development life cycle.

What you'll be doing:

  • Becoming a key contributor to the Cyber team by focusing on application security architecture and implementing a robust risk management programme.
  • Collaborating closely with different teams to devise plans, perform threat modelling, adopt architecture best practices, drive secure development life cycles, and manage risk remediation.
  • Providing expertise in security best practices and compliance while undertaking hands-on security testing.
  • Identifying application security risks and supporting requirements for new projects and system developments.
  • Representing the Cyber team during review sprints to ensure application security is prioritised before deployment.
  • Partnering with architecture and development teams to review application design and code for security vulnerabilities.
  • Establishing and promoting a threat modelling capability to evangelise secure coding practices in the development life cycle.
  • Delivering technical advice to ensure security standards are fully understood and complied with across teams.
  • Developing and integrating security testing plans into the Secure Software Development Lifecycle (S-SDLC).
  • Performing and overseeing security testing while managing remediation plans for identified vulnerabilities.

What we're looking for:

  • Experience in Software Engineering and Application Security.
  • In-depth understanding of application security vulnerabilities, testing techniques, and familiarity with the OWASP framework.
  • Deep expertise in secure web application development and Agile development methodologies.
  • Exceptional communication and influencing skills, capable of collaborating effectively up to senior management levels.
  • Comprehensive knowledge of IT and information security disciplines, with an ability to promote and deliver security awareness initiatives.
  • Experience in working with the hacker/penetration testing community is desirable.

If you are passionate about driving secure-by-design initiatives and want to work in a team that values innovation and collaboration, we'd love to hear from you.

Please apply with a copy of your CV or email - (see below)