Application Security Engineer
KrakówApplication Security Engineer
Kraków
NR REF.: 1147044
Your new company
For our Client, an international technology company located in Kraków we are looking for a person interested in the role of Application Security Engineer.
Your new role
The Application Security Engineer will play a key role in establishing a secure software assurance process as part of ISO27001. This will involve embedding security into every stage of the development lifecycle, from requirements capture through to deployment. The application security engineer will work on the various platforms, collaborating with many stakeholders from Product, Software Engineers, QA Engineers, and IT, to improve and enhance the security of those platforms and applications.
What you'll need to succeed
Desired, but not essential:
What you'll get in return
What you need to do now
If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now.
Kraków
NR REF.: 1147044
Your new company
For our Client, an international technology company located in Kraków we are looking for a person interested in the role of Application Security Engineer.
Your new role
The Application Security Engineer will play a key role in establishing a secure software assurance process as part of ISO27001. This will involve embedding security into every stage of the development lifecycle, from requirements capture through to deployment. The application security engineer will work on the various platforms, collaborating with many stakeholders from Product, Software Engineers, QA Engineers, and IT, to improve and enhance the security of those platforms and applications.
- Work closely with application development, product and software QA Teams to implement software security that is tailored to the specific risks facing the organisation
- Gather security requirements and conduct risk assessments and threat modelling
- Introduce security tools and best practices for performing and automating security testing (SCA, SAST, DAST, IAST)
- Perform various aspects of security testing including penetration testing
- Provide training on secure application development and testing to software engineers and QA
- Provide guidance on the development of web-based training for ongoing awareness.
- Develop and maintain unit and integration tests designed to ensure security controls are tested on every build
- Identify, assess, remediate, and document security risks and vulnerabilities
- Develop and maintain security processes and procedures
- Review code for security related issues and implement security related unit tests
What you'll need to succeed
- Minimum of 3 years’ experience in a technical role such as an Application Security Engineer or application developer, architect or QA
- Experience testing complex software systems and applications
- Experience working within information security management system e.g. ISO27001
- Experience with at least one programming language e.g. Javascript, Java
- Understanding of secure development principles
- Understanding of Agile and Continuous Integration/Testing/Delivery
- Knowledge of DevOps and DevSecOps
- Experience performing risk assessment and threat models
Desired, but not essential:
- Thorough knowledge of the OWASP Top 10
- Familiarity with compliance standards e.g. GDPR, NIST, NERC CIP, IEC62443
- Experience using tools to perform SAST, DAST, SCA e.g. SonarQube
- Practical experience using of open source and commercial application security tools
- Understanding of social engineering methods and aspects
- Familiarity with continuous integration tools e.g. Jenkins or GitLab-CI
- Experience testing cloud hosted applicated e.g. in AWS
- Familiarisation of container security e.g. docker
- Familiarisation of Linux operating systems e.g. Redhat, CentOS
- Any AppSec certifications would be a plus - OSWE, OSWASP etc
What you'll get in return
- Company Pension, Healthcare & Life Assurance Schemes
- On-site parking
- Flexible / Remote Working
- Subsidised Gym Membership
- Wellness programmes
What you need to do now
If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now.
Prosimy o aplikowanie poprzez przycisk znajdujący się po prawej stronie ogłoszenia.
