-
Job Description
Application Security Engineer
Department: Engineering
Employment Type: Permanent - Full Time
Location: London
Description
Application Security Engineer
London
At Freetrade, we believe investing should be accessible to everyone. It’s one of the best ways to grow your savings but, for many, it seems complicated, expensive, and out of reach.
London
At Freetrade, we believe investing should be accessible to everyone. It’s one of the best ways to grow your savings but, for many, it seems complicated, expensive, and out of reach.
We’re here to change that.
We're a technology company that brings simple investing to everyone. We’ve built a beautiful app to buy and sell shares and ETFs in a fluid, mobile-first experience.
We’re building a team with diverse and unique perspectives in order to help us on our mission to demystify investing.
Our goal is to help our customers achieve better, long-term financial outcomes.
In 2024, we’ll be launching across the EU, following our successful launch in Sweden and our new office launching in Budapest. We’ll also be transforming our product, developing new features and introducing new products. In the UK, we now have over 1.6m registered users, offering a range of products like the Freetrade Pension, a stocks and shares ISA, and our premium plan, Freetrade Plus.
Core responsibilities of the role is to ensure the security of software applications throughout their lifecycle for Freetrades Web and Mobile apps. This role involves identifying and helping to mitigate security vulnerabilities, guiding engineers in implementing best practices, and collaborating with developers to integrate security into the software development process. This will require regular security assessments and penetration testing on the web and mobile app to identify vulnerabilities.
Core responsibilities of the role is to ensure the security of software applications throughout their lifecycle for Freetrades Web and Mobile apps. This role involves identifying and helping to mitigate security vulnerabilities, guiding engineers in implementing best practices, and collaborating with developers to integrate security into the software development process. This will require regular security assessments and penetration testing on the web and mobile app to identify vulnerabilities.
You will...
- Perform static and dynamic code analysis to detect security issues/vulnerabilities
- Regular penetration testing of Web and Mobile app
- Participate in code reviews to ensure adherence to security requirements
- Conduct threat modeling to identify potential security threats and vulnerabilities in applications
- Assess the risk associated with identified vulnerabilities and prioritise remediation efforts
- Manage all security tools and technologies to automate security testing and monitoring
You have...
- Understanding of web and mobile application security
- Experience with security testing tools of web and mobile apps
- Hands-on experience in application security, penetration testing and secure software development
- Experience with security testing tools (e, Burp Suite)
- Proficient with threat modelling (OWASP Dragon)
- Knowledge of relevant security standards, regulations, and industry best practices (OWASP, GDPR, PCI-DSS)
- Proficiency in one or more programming languages such as Python, Go
- Relevant certifications such as:
- Certified Ethical Hacker (CEH)
- Offensive Security Certified Professional (OSCP),
- Certified Information Systems Security Professional (CISSP)
Benefits & Logistics
The application process consists of a 5 stage process. Following a phone interview with one of our internal Talent Specialists, you'll have interviews centred around your Technical abilities. The final interview will be with our Founders, to assess your alignment to our company Values and general fit.
You’ll have a stake in the company you’re building, with stock options benchmarked to US companies.
We are an Equal Opportunity employer committed to a diverse and representative team. Whatever your race, religion, colour, national origin, gender, sexual orientation, age, marital status, or disability - we want to hear from you. We're very open about what we're working on, and the best places to learn more are our buzzing community forum and our blog.
To find out more about how we look after your personal data when you apply for a job with us, please see our Recruitment Privacy Policy here.