Application Security Engineer

Stott and May Professional Search Ltd
12 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Compensation
€ 100K

Job location

Remote

Tech stack

Artificial Intelligence
Computer Security
Open Web Application Security
Secure Coding
Software Engineering
Test Management
Web Applications
Cloud Platform System
Software Security
Containerization
Patch Management
Free and Open-Source Software
Docker
Static Application Security Testing
BIG‑IP Application Security Manager (ASM)
Dynamic Application Security Testing

Job description

  • Communicate technical information to both technical and non-technical stakeholders, including senior leadership and customers
  • Enable and support product-specific application security roles across our various business units
  • Coordinate, align, track and steer business unit specific product and project security roles to achieve secure SDLC implementation across the business
  • Form a community and foster knowledge exchange, provide guidance, feedback, training and professional development opportunities to the business unit application security roles
  • Collaborate with cross-functional teams, including development, operations, security, and compliance, to ensure effective communication of security risks and recommendations
  • Define and implement application security measures
  • Design secure SDLC and create corresponding concepts, standards and guidance materials
  • Select, introduce and operate SAST and DAST
  • Design Threat Modelling using industry frameworks like STRIDE or PASTA and implement together with Product Security Officer
  • Coordinate information security test management
  • Ensure security across CI/CD pipelines and practices
  • Application vulnerability and patch management incl. SBOM
  • Ensure usage and compliance to open-source software licenses
  • Promote secure coding practices and educate developers on the importance of security in software development
  • Design and implement secure application architectures that align with organizational security policies and standards

Requirements

  • Strong understanding of web application vulnerabilities (e.g., OWASP Top 10) and remediation strategies
  • Proficiency in secure coding practices and development methodologies
  • Experience with cloud-based platforms and containerization (e.g., Docker)
  • Knowledge of security frameworks and standards (e.g., IEC, NIST Cybersecurity Framework, OWAS Top10, OWASP ASVS)
  • CISSP, or related security certifications are a plus
  • Great enthusiasm for Information Security
  • Intrinsic motivation, never ending curiosity
  • Quick thinking and continuous learning personality and thus are able to dive into new topics quickly, filter and digest the relevant information
  • Inquisitive and analytical mindset
  • Strong problem-solving and analytical abilities
  • Excellent communication skills verbal and written, clear and to the point
  • Proactivity driver attitude happy to collaborate with others
  • Ability to work comfortably in a lean and agile environment

Benefits & conditions

  • Modern hardware and the opportunity to work with cutting-edge technologies
  • Flexible working model with home office days
  • Training budget for personal growth
  • 30 days vacation
  • Events for employees to celebrate our achieved goals and great team-spirit
  • Cooperate benefits and insurances

Apply for this position