Application Security Engineer

Posted 13 October 2021
Salary£70000 - £90000 per annum
LocationLondon
Job type Permanent
DisciplineInfrastructure & Support
ReferenceAPPSECUR/LON_1634135866
Contact NameMillie Palfreyman

Job description

Application Security Engineer (fully remote)

A key global client of mine who are serving more than 5,000 clients globally are currently seeking an Application Security Engineer to join their team on a permanent basis

The Responsibilities:

  • Ensure that our applications, software and infrastructure is designed and implemented to the highest security standards.
  • Perform security assessments, design reviews, security audits, risk analysis, vulnerability testing and security code-reviews on a wide variety of environments.
  • Work with key stakeholders across the company to define, design and implement effective security controls and remediate vulnerabilities to improve our security posture and reduce risk to acceptable levels
  • Conduct assessments of threats and vulnerabilities and determine deviations from acceptable security baselines
  • Manage security technology processes and solutions, sometimes through 3rd parties, including endpoint protection, vulnerability management, and SIEM
  • Create security operations playbooks to ensure a consistent approach and response to current & emerging threats
  • Conduct network monitoring and intrusion detection analysis using various Computer Network Defence (CND) tools, such as Intrusion Detection/Prevention Systems (IDS/IPS), Firewalls, Host Based Security System (HBSS), etc.
  • Perform security assessments, gather evidence for security audits, review third party security documentation
  • Develop technical solutions to help mitigate application security vulnerabilities

Your Experience:

  • Extensive experience in Information Security or a related field
  • security development experience
  • Expertise in TCP/IP. Understanding of common network vulnerabilities, OS vulnerabilities (Windows and macOS), patching and attack patterns
  • Experience in public cloud environments
  • An understanding of system hardening, containerization, and cloud security controls
  • Familiarity with ISO27001, SOC, GDPR, & CCPA
  • Excellent interpersonal skills & communication skills; you should be an ambitious teammate with strong analytical, problem solving, debugging and troubleshooting skills
  • Experience with M365 Defender & M365 Cloud Application Security
  • Experience with IDS/IPS solutions such as Fortinet
  • Experience with public cloud services including AWS, GCP and Azure