Application Security Engineer
London / Remote
As a senior security engineer, you will work cross-functionally to assess risk and help deliver countermeasures that protect our member's data. You will work will engineering teams to create solutions that solve or remediate security problems.
Security engineers will assist the engineering teams in
- Provision of cloud infrastructure
- The selection and DevSecOps tools configuration
- Performing threat modelling
- High level and detailed security designs while working closely with Group Security and security architects.
- Implementation of designed security controls
- Investigation and remediation of automated tools' alerts
- Programming with at least one modern language, an appreciation of software development lifecycle, software delivery methodologies and experience with industry-standard tools and methods for delivering software in an enterprise environment (version control, CI/CD pipeline, etc.)
- Design, implement and configuring automated security tools in the DevSecOps pipeline
- Containerisation and serverless technologies (i.e., Docker, K8s, AWS Lambda) and their security implications
- Reviewing application and infrastructure code from a security point of view, interpret the results of SAST, DAST reports and advice the engineers on remediation
- Threat modelling, design and implementing security controls in the application layer
Lorien Plc is acting as an Employment Agency in relation to this vacancy.