I am working with a leading environmental services organisation, looking to upskill their IT Security team with the introduction of a new AppSec Engineer. This role involves identifying and resolving vulnerabilities within software applications, ensuring robust protection against threats, as well as developing and implementing security measures, conducting assessments and advising on secure coding practices.
Key Responsibilities:
- Support the integration of Secure SDLC controls for onboarding applications, including remediation guidance and metrics tracking.
- Integrate security tools such as DAST, SAST, and SCA into the development pipeline.
- Collaborate with teams to address security risks and enhance the Secure Software Development Life Cycle (SSDLC).
- Guide development teams on secure application practices, risk assessment, and remediation strategies.
- Assess impacts, prioritize remediation plans, and lead initiatives to fix critical vulnerabilities.
- Conduct security architecture reviews and provide actionable guidance to engineering teams.
- Monitor security information sources to aid vulnerability discovery.
- Communicate and balance business and security risks effectively.
Qualifications:
- Bachelor’s or Master’s in Computer Science, Engineering, or Information Security (or equivalent experience).
- Minimum 5 years in Application Security Engineering.
- Familiarity with infrastructure as code (e.g., Terraform, AWS CDK), DAST, SAST, and application security tools.
- Proficient in one or more programming languages (Rust, Python, C++, Go, PHP, etc.) and cloud security (AWS, Azure, GCP).
- Strong understanding of the OWASP Top 10, encryption, and secure application architecture.
If this sounds interesting, please apply for immediate consideration.