Job Description
Security Engineer (Application Security) - £70,000 - £75,000 base, 15% bonus, + Great benefit package
About the Role:
We are looking for a proactive Security Engineer with a strong background in systems engineering or administration and a passion for application security. In this role, you will work alongside seasoned application security engineers to identify security gaps and integrate streamlined security practices into software development processes. You’ll play a key role in protecting the company’s digital assets, while working closely with teams to enforce security policies, build automation, and promote security best practices.
Responsibilities:
- Collaborate with software engineering teams to identify gaps in security practices and select the right application security tools that seamlessly fit their workflows.
- Support the implementation of security best practices through agile methodologies like Scrum.
- Deliver training sessions on core application security tools for security and engineering teams.
- Create and maintain user-friendly documentation on security products for the business.
- Advocate and promote security awareness across the company.
- Develop automation tools and monitoring systems to enforce security policies and detect threats.
- Build secure, safe-by-default guardrails for engineers to use throughout their projects.
Skills and Experience Required:
- Excellent verbal and written communication skills; able to clearly explain technical concepts to both technical and non-technical audiences.
- A team player who thrives in collaborative environments.
- Proficiency in at least one programming/scripting language (Python, JavaScript, Java).
- Hands-on experience supporting and building cloud infrastructure (preferably Azure).
- Experience with continuous integration tools like Jenkins, GitHub Actions, or Azure DevOps.
- Familiarity with administering Linux distributions, including RHEL, Ubuntu, and CentOS.
- Knowledge of containerization and orchestration tools such as Docker and Kubernetes.
- Strong technical troubleshooting skills, especially in operations environments.
- Understanding of the Software Development Life Cycle (SDLC) and associated tools (e.g., JIRA, Git, GitHub, Nexus).
- Familiarity with application security tooling (SCA, SAST, DAST, IaC Security).
- Working knowledge of security frameworks like OWASP Top 10, Mitre Top 25, and CVSS, with the ability to map them to business risks.
The company offers a comprehensive benefits package and supports your continuous professional development through training programs and resources. This is an opportunity to bring your security expertise to a fast-paced environment, working alongside innovative engineers to shape the company’s security practices.