At a Glance
- Tasks: Bridge the gap between Security and Engineering while securing applications and AI workflows.
- Company: Join a forward-thinking tech company focused on innovative security solutions.
- Benefits: Competitive salary, flexible work options, and opportunities for professional growth.
- Other info: Dynamic team culture with a focus on continuous learning and development.
- Why this job: Make a real impact by ensuring secure coding practices and protecting user data.
- Qualifications: Experience in application security, cloud environments, and strong communication skills.
The predicted salary is between 60000 - 80000 € per year.
Requirements
- Pragmatism: You understand the difference between partnering with Engineering and security being a blocker of progress.
- Communication: You can translate a complex vulnerability into a business risk for a Product Manager and a technical fix for an Engineer.
- AppSec Subject Matter Expertise: You have a strong understanding of critical security risks in applications, are able to identify them in code, and provide recommendations on how to remediate.
- Cloud Native: Strong experience securing AWS/GCP environments and containerised workloads.
- AI ready: You understand the unique risks of AI and have experience securing AI-driven workflows.
What the job involves
- As our Cyber Security Engineer, you will be the bridge between Security and Engineering. You aren't here to block deployments; you’re here to ensure our code is resilient by design. You will empower our developers to ship fast without breaking the trust of our customers or regulators.
- Secure the Pipeline: Integrate and automate SAST, DAST, and SCA tooling directly into our CI/CD pipelines to catch vulnerabilities before they reach production.
- Harden the Product: Act as a Subject Matter Expert (SME) assisting engineers with the remediation of security vulnerabilities and bugs.
- Safeguard AI: Design and implement security guardrails for AI-assisted development and LLM integrations, ensuring data privacy and preventing prompt injection or model leakage.
- Threat Modelling: Partner with Product and Engineering teams to conduct threat modelling sessions for new features before they are built.
- Security Architecture: Act as a consultant for infrastructure and application design, ensuring our AWS/GCP Kubernetes environments remain hardened.
- Security Culture: Cultivate a Secure Development guild to level up our developers' secure coding skills.
Tech Stack
- Backend: Kotlin 1.7.20, AWS, GraphQL (familiarity is nice but not a deal breaker), Postgres, RabbitMQ, Docker, Kubernetes.
- Frontend: React & React Native, TypeScript, MobX, Redux, Stylus, and SASS.
- Other: We build our Kotlin projects using Gradle and GitHub Actions, deploying to production as soon as we finish a feature. We use JUnit Jupiter, Kotest, and TestContainers for automated testing.
Application Security Engineer in London employer: Deepstreamtech
As an Application Security Engineer, you will thrive in a dynamic work environment that prioritises collaboration between security and engineering, ensuring that our code is robust and secure. We offer a culture of continuous learning and growth, with opportunities to enhance your skills in cutting-edge technologies like AI and cloud security. Join us to be part of a team that values innovation, empowers developers, and fosters a strong security mindset, all while enjoying the benefits of a supportive and inclusive workplace.
StudySmarter Expert Advice🤫
We think this is how you could land Application Security Engineer in London
✨Tip Number 1
Network like a pro! Reach out to folks in the industry on LinkedIn or at meetups. We all know that sometimes it’s not just what you know, but who you know that can help you land that dream job.
✨Tip Number 2
Show off your skills! Create a portfolio or GitHub repo showcasing your work in application security. We love seeing practical examples of how you’ve tackled vulnerabilities and secured environments.
✨Tip Number 3
Prepare for those interviews! Brush up on your knowledge of AWS/GCP and container security. We want to see how you can translate complex security concepts into actionable insights for both technical and non-technical teams.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen by the right people. We’re excited to see how you can contribute to our secure development culture!
We think you need these skills to ace Application Security Engineer in London
Some tips for your application 🫡
Show Your Pragmatism:When writing your application, make sure to highlight how you balance security with engineering needs. We want to see that you understand the importance of being a partner rather than a blocker in the development process.
Communicate Clearly:Use straightforward language to explain your experience with vulnerabilities. We love candidates who can translate complex security issues into relatable business risks and technical fixes for our team.
Demonstrate Your Expertise:Make sure to showcase your knowledge of application security risks and your hands-on experience with AWS/GCP. We’re looking for someone who can identify issues in code and suggest practical solutions.
Apply Through Our Website:We encourage you to submit your application through our website. It’s the best way for us to keep track of your application and ensure it gets the attention it deserves!
How to prepare for a job interview at Deepstreamtech
✨Know Your Stuff
Make sure you brush up on your AppSec knowledge, especially around critical security risks in applications. Be ready to discuss how you identify vulnerabilities in code and provide actionable remediation strategies.
✨Speak Their Language
Practice translating complex security concepts into business risks for non-technical stakeholders. You’ll need to show that you can communicate effectively with both Product Managers and Engineers, so think of examples where you've done this before.
✨Showcase Your Cloud Skills
Since the role involves securing AWS/GCP environments, be prepared to talk about your experience with these platforms. Highlight any specific projects where you’ve implemented security measures in cloud-native applications or containerised workloads.
✨Emphasise Collaboration
This position is all about bridging the gap between Security and Engineering. Share examples of how you've successfully partnered with development teams in the past, particularly in threat modelling or integrating security tools into CI/CD pipelines.
