Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Enhance application security processes and collaborate with software engineers on innovative projects.
- Company: Join Experian, a global leader in data and technology with a focus on innovation.
- Benefits: Enjoy a competitive salary, healthcare, generous leave, and a bonus plan.
- Why this job: Make a real impact on security practices while working remotely in a dynamic environment.
- Qualifications: Experience in AppSec or DevSecOps and proficiency with security tools and programming.
- Other info: Be part of a diverse team that values innovation and personal growth.
The predicted salary is between 48000 - 72000 £ per year.
Overview
Experian, Global Security Office are looking for an experienced Senior Application Security Engineer to enhance our application security processes with emphasis on business engagement. You will be responsible for static, SCA, and dynamic scanning, collaborating with software engineers, provide flaw mitigation recommendations, and implementing automated security controls throughout the development lifecycle and CI/CD pipelines. Ensure the Software Security Policy and Baseline requirements are met for new Agile deliveries and for legacy estate with flaws and issues managed throughout all stages of an applications\’ life. This is a remote UK-based position reporting to the Manager of Application Security.
Responsibilities
- Collaborate with software engineers and leadership to address security risks and provide mitigation recommendations within the Secure Development Lifecycle (SDLC).
- Work with development teams to understand their needs and the risk profile for each application and customize solutions to meet the needs of the application.
- Collaborate on the implementation and management of SAST, SCA, DAST, and other scanning solutions to provide coverage for the application portfolio.
- Guide development teams through a review of their applications and risks against common application flaws (e.g., OWASP Top 10) and provide prioritized visibility to senior management along with context.
- Operate as an advocate for Security in interactions with internal and external teams.
- Work with Risk & Compliance teams on audits (e.g., SOC 2, PCI-DSS, HIPAA) and recommend relevant Application Security policy and procedures.
- Contribute to internal and external/client audits, ensuring compliance with security standards.
- Lead projects to implement security technologies enterprise-wide.
- Integrate 3rd party and build custom solutions into our CI/CD pipelines and development cycles.
- Define security guardrails through automated tool policies, service level agreements, custom rules, and support the developer community.
- Support the enterprise in managing vulnerabilities through automated tooling and security assessments.
- Work with Security Champions to build relationships and ensure main activities are supported and deliverables are achieved promptly.
- Direct experience in enterprise-level application security.
Qualifications
- Experience in AppSec or DevSecOps, collaborating and presenting to developers, supporting development teams to adopt and mature secure development practices.
- Proficiency with SAST, SCA, DAST, IAST, RASP and other tools associated with DevSecOps.
- Experience with programming and software development including CI/CD pipelines and related technologies such as Git, Jenkins, Maven, Chef, Puppet, Ansible, Nexus, Artifactory and NPM.
- Experience overseeing the linking of applications between different departments and systems.
- Understanding of MITRE, OWASP, SafeCode and risk management methodologies as they relate to integration/software testing.
- Good project management skills or substantial exposure to project-based work structures and lifecycle models.
- Knowledge of cloud and GenAI security is an advantage.
Benefits
- Great compensation package and discretionary bonus plan.
- Core benefits include pension, Bupa healthcare, Sharesave scheme and more.
- 25 days annual leave with 8 bank holidays and 3 volunteering days. You can purchase additional annual leave.
Experian is a global data and technology company, powering opportunities for people and businesses around the world. We are an Equal Opportunity and Affirmative Action employer. Innovation is an important part of Experian\’s DNA and practices, and our diverse workforce drives our success. Everyone can succeed at Experian and bring their whole self to work, irrespective of gender, ethnicity, religion, colour, sexuality, physical ability or age. If you have a disability or special need that requires accommodation, please let us know at the earliest opportunity. Experian Careers – Creating a better tomorrow together.
#J-18808-Ljbffr
Senior Application Security Engineer employer: Experian Information Solutions, Inc.
Contact Detail:
Experian Information Solutions, Inc. Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Senior Application Security Engineer
✨Tip Number 1
Network like a pro! Reach out to your connections in the industry, attend meetups, and engage with online communities. You never know who might have the inside scoop on job openings or can refer you directly.
✨Tip Number 2
Show off your skills! Create a portfolio showcasing your projects, especially those related to application security. This gives potential employers a tangible sense of what you can bring to the table.
✨Tip Number 3
Prepare for interviews by brushing up on common application security scenarios and challenges. Be ready to discuss how you've tackled similar issues in the past and how you can contribute to their team.
✨Tip Number 4
Don't forget to apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, we love seeing candidates who are proactive about their job search!
We think you need these skills to ace Senior Application Security Engineer
Some tips for your application 🫡
Tailor Your Application: Make sure to customise your CV and cover letter to highlight your experience in application security and DevSecOps. We want to see how your skills align with the role, so don’t hold back on showcasing relevant projects!
Showcase Your Collaboration Skills: Since this role involves working closely with software engineers and leadership, it’s important to demonstrate your ability to collaborate effectively. Share examples of how you've worked with teams to address security risks and implement solutions.
Highlight Your Technical Proficiency: Be sure to mention your experience with tools like SAST, SCA, and DAST, as well as your familiarity with CI/CD pipelines. We’re looking for someone who can hit the ground running, so let us know what you’ve worked with!
Apply Through Our Website: We encourage you to apply directly through our website for a smoother process. It helps us keep track of applications and ensures you get the best chance to shine in front of our hiring team!
How to prepare for a job interview at Experian Information Solutions, Inc.
✨Know Your Stuff
Make sure you brush up on your knowledge of application security principles, especially around SAST, SCA, and DAST tools. Familiarise yourself with the OWASP Top 10 and be ready to discuss how you've applied these in past roles.
✨Show Your Collaborative Side
Since this role involves working closely with software engineers, be prepared to share examples of how you've successfully collaborated with development teams in the past. Highlight any specific projects where you helped mitigate security risks.
✨Tailor Your Approach
Understand that each application has its own risk profile. Be ready to discuss how you would customise security solutions based on the unique needs of different applications. This shows you can think critically and adapt your strategies.
✨Be an Advocate for Security
Demonstrate your passion for security by discussing how you've acted as an advocate in previous roles. Share experiences where you’ve influenced teams or management to prioritise security measures, especially in Agile environments.
