Position Overview
Our client is seeking an experienced Application Security Engineer to strengthen their organisation's security posture by implementing security measures throughout the software development lifecycle. The ideal candidate will work closely with development teams and operation teams to ensure security is embedded in its applications from design to deployment.
Scope of Role
- Conduct security assessments, threat modelling, and code reviews to identify vulnerabilities in applications
- Design and implement security controls, authentication mechanisms, and encryption solutions
- Develop and maintain secure coding guidelines and security standards
- Collaborate with development teams to remediate security issues and provide guidance on secure coding practices
- Conduct security awareness training sessions for development teams
- Monitor and respond to security incidents related to application vulnerabilities
- Evaluate and implement security tools and technologies
- Maintain documentation of security processes and procedures
Requirements
- Bachelor's degree in Computer Science, Information Security, or related field
- At least 3 years of experience in application security or software development with security focus
- Strong knowledge of secure coding practices and OWASP Top 10 vulnerabilities
- Proficiency in common programming languages (e.g., .Net Core, Java, Python, JavaScript)
- Experience with security testing tools and methodologies
- Understanding of cryptography, authentication, and authorisation protocols
- Knowledge of common security frameworks and standards (ISO 27001, NIST, etc.)
- Security certifications (CISSP, CEH, OSCP, or equivalent)
- Experience with cloud security (AWS, Azure, GCP)
- Knowledge of DevSecOps practices and tools
- Familiarity with containerisation and microservices security
- Strong analytical and problem-solving abilities
- Excellent communication and collaboration skills
- Experience with security incident response
