Application Security Engineer - Java, Cyber, Security, CISSP
Application Security Engineer, OWASP, Java, script
Application Security Engineer with a background in software development to provide application security services including secure coding practices, education & awareness, security testing and guidance for software development projects. You will also be required to provide guidance on software security best practice and undertake application security testing. You will be required to ensure awareness of, and enforce secure development policies, procedures and practices relating to the confidentiality, integrity and availability of information.
This is a technical hands-on role within the Application Security team.
Provide highly technical and consultative security guidance to Development teams Identify application security vulnerabilities, risks and requirements for new projects and system developments Work with the Architects and Development teams to review code for security vulnerabilities and embed/improve security threat modeling and secure coding in the development lifecycle Develop security-testing plans and integrate into the software development lifecycle. Assist Development and QA Teams to set up static testing tools Perform/oversee security testing and manage remediation of identified vulnerabilities Maintain awareness of cyber trends, threats, and vulnerabilities Participate in systems design to ensure implementation of appropriate technical security policies and technology across all layers Train developers on secure coding practices and share industry best practices
Skills and Experience
Able to perform application security testing (dynamic) and code reviews (static) Deep understanding of security vulnerabilities in software (both native and web) Able to develop or have developed security related software Performed technical security research (discovered security vulnerabilities or identified new bug discovery techniques or presented in security conferences) Software Development background (professionally or security research based) The ability to patch security vulnerabilities will be considered a bonus Deep understanding of Java and web scripting languages/frameworks
Experience with automated security testing tools (both static and dynamic) Able to debug security issues and provide detailed security related reports Highly experienced in secure coding practices and methodologies Comfortable in an agile working environment and high transaction systems Comfortable in working within a fast moving cutting edge technologies environment. Able to work with development teams and clearly describe security vulnerabilities Good understanding of cryptographic protocols and encryption algorithms Experience in bug reporting platforms and security reporting Comfortable working autonomously or in a team Strong oral communication skills in English and good presentation/teaching skills Excellent problem-solving and organizational skills Ability to apply these skills cooperatively in a collaborative team environment.
Get in touch for an immediate interview.
At Tec Partners we are committed to being an inclusive organisation that provides equality of opportunity to all in terms of employment, recruitment and the service we provide to our customers. We welcome applications from all suitably qualified persons regardless of their race, sex, disability, religion/belief, sexual orientation or age.
This job was originally posted as www.jobsite.co.uk/job/959435705