£65,000 - £70,000 Per Annum
London, United Kingdom
Information Security,IT/Technical,Engineer,Software Engineer
Permanent | Full Time
Application Security Engineer - London / City, Challenger Bank
£65-70k + bonus & benefits
About the Role:
We are looking for an application security engineer who can assist in deploying security at scale.
The role will be focused on developing the existing controls into a scalable, functional model by adopting a shift-left mentality and ensuring that security is embedded into the culture and code as early as possible. The candidate will be embedded into the existing DevOps capabilities team with a focus on supporting the CISO in the delivery of their security strategy. As a member of the team you will collaborate closely with areas across the business including Engineering, DevOps and Info Security to ensure we are continuously delivering disruptive, robust and secure products to the market.
If you are passionate about leading a team from the front, not afraid to get your hands dirty and can demonstrate your experience in the Technology arena, then we would like to hear from you. You should be willing to learn new technologies, champion continuous improvement and enable your team to succeed by providing them with the right tools, right knowledge and clearing delivery blockers. You should have an agile mindset and expect to deliver at pace from the start.
In any one day you might:
We believe that the right candidate should be able to quickly adapt, to the fast-paced nature of a Fintech, and have a passion for security. The ideal candidate will be self-motivated, willing to learn and a lateral thinker with experience in the following areas:
Desirable Skills and Experience:
· Previous experience with application security covering the OWASP Top 10 and CWE.
· Experience working within, or at least a solid understanding of what is required to work in a DevOps and Agile environment
· Hands-on experience performing code reviews and with associated applications such as static and dynamic code analysis tools
· Experience in code reviews, and application security testing using open source and commercial tools.
· Experience w/public cloud environments (IaaS, PaaS, SaaS)
· Experience in secure coding and software development in various languages (C#, .NET, Powershell, GoLang.)
The ideal candidate will have solid network knowledge and experience, with ability to manage tasks independently, high level of attention to detail. Will also suit a self-starter who requires minimal supervision.
· Strong communication skills with an ability to engage internal and external stakeholders at all levels, including C-suite.
· Must be a self-motivated individual with good attention to detail, commercial awareness with good judgement and decision-making skills. Our infrastructure is primarily based on Microsoft & Cisco technologies, with plenty of opportunities to learn and contribute.