Senior Application Security Engineer

Full-Time 36000 - 60000 £ / year (est.) No home office possible

At a Glance

  • Tasks: Lead application security initiatives and conduct thorough security reviews on Fortinet applications.
  • Company: Join Fortinet, a leader in cybersecurity with a focus on innovation and teamwork.
  • Benefits: Enjoy competitive pay, health benefits, and opportunities for professional growth.
  • Why this job: Make a real impact by enhancing the security of cutting-edge applications.
  • Qualifications: 5+ years in information security and strong coding skills in Java, .NET, Python, or JavaScript.
  • Other info: Be part of a global team and advance your career in a dynamic environment.

The predicted salary is between 36000 - 60000 £ per year.

Senior Application Security Engineer

Fortinet is looking for a Sr. Application Security Engineer to join the Corporate Information Security team. This is a highly technical role whose responsibilities include conducting security reviews on various Fortinet applications, providing security education to our engineers, and handling externally reported vulnerabilities.

Key Responsibilities:

  • Serve as an application security subject matter expert who provides guidance to internal teams
  • Work closely with development teams; perform code reviews, penetration tests, and architectural reviews on existing code and new features.
  • Develop, implement, and communicate vulnerability mitigation strategies to development teams.
  • Handle externally reported vulnerabilities as a member of the Corporate Information Security Responsible Disclosure Program committee.
  • Drive Fortinet's static and dynamic application security testing program.
  • Develop strategies, evaluate solutions, and design and implement tools, processes and controls to ensure that security and privacy are designed into Fortinet applications.
  • Advise development teams on SDLC best practices.
  • Proactively research new attack vectors on applications that may affect Fortinet applications and infrastructure.
  • Be part of a global distributed team to share knowledge, workload and assignments. Strong sense of teamwork is required. Coach peers in application security concepts and best practices.

Required Skills/Experience:

  • 5+ years of work experience as an Information Security Researcher or Engineer
  • 3+ years of experience with manually auditing source code to find security issues or programming skills in one or more of: Java, .NET, Python or JavaScript frameworks.
  • Strong understanding of OWASP TOP 10 vulnerabilities.
  • Strong understanding of common API security risks.
  • Strong understanding of Cloud-Native application architecture, microservices, containerization technologies, secure deployment and implementation issues.
  • Proven experience in application penetration testing
  • Proven experience in security code review
  • Proven experience in application security testing (DAST, SAST, IAST, SCA) tools and processes
  • Strong foundation in computer and network security, authentication & authorization, security protocols and applied cryptography
  • Solid understanding of web security standards such as CSP, SOP, CORS, and emerging web security technologies.
  • Solid understanding of CI/CD pipelines, build systems and DevSecOps principles.
  • Experience defining security architecture patterns and standards in a large enterprise organization.
  • Experience with cloud-based security solutions and familiarity with cloud service providers, particularly in relation to application security
  • Experience working with threat modeling methodologies such as MITRE ATT&CK, STRIDE, PASTA, etc.
  • Proficiency with web proxies such as Burp, OWASP ZAP, or Fiddler.
  • Understanding of OAuth and JWT implementations.
  • Ability to organize & communicate effectively, both written and verbal, with technical and non-technical people across functional teams
  • A BS degree in Computer Science, Cyber Security, other tech-related degree, or equivalent experience.
  • Experience in Cloud Security Posture Management (CSPM) and/or Application Security Posture Management (ASPM) tools is a plus.
  • Having an OSWE, OSCP, GWEB, GPEN or similar certificate is a plus.
  • Experience in Mobile Application Penetration Testing is a plus
  • Familiarity with AI/ML and LLM concepts, AI Red Teaming, and AI Guardrails is a plus.

    Senior Application Security Engineer employer: Fortinet

    Fortinet is an exceptional employer for a Senior Application Security Engineer, offering a dynamic work environment that fosters innovation and collaboration within a global team. With a strong emphasis on employee growth, Fortinet provides opportunities for continuous learning and development in cutting-edge security practices, while also promoting a culture of teamwork and knowledge sharing. Located in a vibrant tech hub, employees benefit from a supportive atmosphere that values security expertise and encourages proactive engagement with emerging technologies.

    Contact Detail:

    Fortinet Recruiting Team

    StudySmarter Expert Advice 🤫

    We think this is how you could land Senior Application Security Engineer

    ✨Tip Number 1

    Network like a pro! Attend industry meetups, webinars, or conferences where you can connect with other security professionals. Don't be shy—introduce yourself and chat about your passion for application security. You never know who might have a lead on your dream job!

    ✨Tip Number 2

    Show off your skills! Create a portfolio showcasing your projects, code reviews, or any penetration tests you've conducted. This is your chance to demonstrate your expertise in action, so make it visually appealing and easy to navigate.

    ✨Tip Number 3

    Prepare for interviews by brushing up on common application security scenarios. Be ready to discuss OWASP TOP 10 vulnerabilities and how you would handle them. Practising mock interviews with friends or using online platforms can help you feel more confident.

    ✨Tip Number 4

    Apply through our website! We love seeing passionate candidates who are eager to join our team. Tailor your application to highlight your experience with security tools and methodologies relevant to the role. Let’s get you on board!

    We think you need these skills to ace Senior Application Security Engineer

    Application Security
    Code Review
    Penetration Testing
    Vulnerability Mitigation Strategies
    OWASP TOP 10
    API Security
    Cloud-Native Application Architecture
    Microservices
    Containerization Technologies
    Static Application Security Testing (SAST)
    Dynamic Application Security Testing (DAST)
    Interactive Application Security Testing (IAST)
    Software Composition Analysis (SCA)
    Threat Modeling Methodologies
    Web Security Standards

    Some tips for your application 🫡

    Tailor Your CV: Make sure your CV is tailored to the Senior Application Security Engineer role. Highlight your experience with security reviews, code audits, and any relevant tools you've used. We want to see how your skills align with what we're looking for!

    Showcase Your Projects: Include specific projects where you've implemented security measures or conducted penetration tests. This gives us a clear picture of your hands-on experience and how you tackle real-world challenges in application security.

    Be Clear and Concise: When writing your cover letter, keep it clear and to the point. Explain why you're passionate about application security and how your background makes you a great fit for our team. We appreciate straightforward communication!

    Apply Through Our Website: Don't forget to apply through our website! It’s the best way for us to receive your application and ensures you’re considered for the role. Plus, it shows you’re keen on joining our team at StudySmarter!

    How to prepare for a job interview at Fortinet

    ✨Know Your Stuff

    Make sure you brush up on your knowledge of OWASP TOP 10 vulnerabilities and common API security risks. Be ready to discuss how you've applied this knowledge in past roles, especially when it comes to code reviews and penetration testing.

    ✨Showcase Your Experience

    Prepare specific examples from your 5+ years of experience that highlight your skills in application security. Talk about the tools you've used for DAST, SAST, and IAST, and how you've implemented security strategies in a CI/CD pipeline.

    ✨Communicate Clearly

    Since you'll be working with both technical and non-technical teams, practice explaining complex security concepts in simple terms. This will show your ability to bridge the gap between different teams and ensure everyone is on the same page.

    ✨Stay Current

    Research the latest trends in application security, including emerging threats and new technologies. Being able to discuss recent developments or attack vectors will demonstrate your proactive approach and passion for the field.
