At a Glance
- Tasks: Join our security team to enhance application security and protect vital information.
- Company: Dynamic security vendor focused on innovation and collaboration.
- Benefits: Competitive salary, flexible benefits, and remote work options.
- Other info: Great opportunity for career growth in a supportive team environment.
- Why this job: Make a real impact in cybersecurity while working with cutting-edge technologies.
- Qualifications: Software engineering background with knowledge of application security frameworks.
The predicted salary is between 60000 - 80000 € per year.
Role Overview
Working for a security vendor, the Security team are accountable for the company’s Information Security, Security Architecture, Security Compliance, Security Awareness, Security Operations and Information Security Risk Management Activities. You’ll work closely with development and operational teams to design, implement/recommend application security controls. This is a new role for the company requiring a passion for cyber security and a hands‑on development background to create and develop the application security capabilities as part of the SDLC. Ideally you will have a background in software development.
Main Tasks and Responsibilities
- Assess and identify gaps in current application security controls and provide guidance to resolve and remediate based on risk to the business.
- Working with the DevOps teams, establish and design processes to improve the secure development of products and services during the SDLC.
- Provide guidance and support during development and rollout of new product features by understanding their requirements and model/evaluate likely threat vectors.
- Provide security expertise and guidance to the Development Teams.
- Promote a security‑focused culture as part of the SDLC, educating DevOps teams in security best practices.
- Conduct/Lead threat modelling and security design activities alongside Dev/Engineering Teams.
- Work with 3rd parties to support vulnerability and penetration testing.
- Process reports from external penetration testing vendors and coordinate feedback with teams to ensure actions are followed to mitigate identified risks.
Skills
- Software engineering background is a must with knowledge of Application Security Frameworks e.g. OWASP SAMM/DSOMM etc.
- Hands‑on knowledge of information security processes such as security design review, threat modelling, OWASP Top 10, risk analysis, and software testing techniques.
- Strong understanding of application security awareness, including the security of web applications.
- Experience with risk management activities – identifying, assessing and providing remediation options for application and technology risks.
- Knowledge of Agile methodologies is a must.
- Knowledge of backend and frontend web application vulnerabilities.
- Knowledge of OWASP Top 10, SANS Top 25 etc.
- Experience working in AWS/Azure/GCP would be beneficial.
- Knowledge of CI/CD pipelines.
- Thorough understanding of SAST, DAST (including fuzzing), endpoint and perimeter scanning etc.
- Familiarity with industry security standards (ISO27001, NIST, CCM etc).
- Network and infrastructure experience.
- API gateway security, WAF and IDS, SSO, SAML etc.
- At least one professional security certification e.g. CISSP, CEH, GCIH, GCFA, CSSLP etc or working towards.
Pre-requisites
- Excellent analytical skills with the ability to see the bigger picture.
- Excellent communication skills with the ability to influence multiple stakeholders.
- Ability to self-motivate and define priorities to meet deadlines.
- Good team‑oriented interpersonal skills, with the ability to interface effectively with a broad range of people and roles.
- Ability to effectively present and communicate security threats and risks to any audience and impress upon them the mitigation techniques and strategies.
Benefits
- Competitive salary & flexible benefits.
- Flexible locations / remote.
Application Security Engineer in London employer: Trilaty Group
As an Application Security Engineer at our innovative security vendor, you'll thrive in a dynamic work culture that prioritises collaboration and continuous learning. We offer competitive salaries, flexible benefits, and the opportunity to work remotely, ensuring you can balance your professional and personal life while contributing to meaningful security initiatives. Join us to enhance your skills in a supportive environment that values your passion for cyber security and fosters your growth within the industry.
StudySmarter Expert Advice🤫
We think this is how you could land Application Security Engineer in London
✨Tip Number 1
Network like a pro! Reach out to folks in the industry on LinkedIn or at local meetups. You never know who might have the inside scoop on job openings or can put in a good word for you.
✨Tip Number 2
Show off your skills! Create a portfolio showcasing your application security projects or contributions. This is a great way to demonstrate your hands-on experience and passion for cyber security.
✨Tip Number 3
Prepare for interviews by brushing up on common application security scenarios. Be ready to discuss how you've tackled security challenges in past roles, especially in relation to the SDLC.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, we love seeing candidates who are proactive about their job search!
We think you need these skills to ace Application Security Engineer in London
Some tips for your application 🫡
Show Your Passion for Cyber Security:Let us see your enthusiasm for cyber security shine through in your application. Share any personal projects or experiences that highlight your commitment to keeping applications secure. We love seeing candidates who are genuinely excited about the field!
Tailor Your Application:Make sure to customise your CV and cover letter to reflect the specific skills and experiences mentioned in the job description. Highlight your software development background and any relevant application security frameworks you’re familiar with. This helps us see how you fit into our team!
Be Clear and Concise:When writing your application, keep it straightforward and to the point. Use clear language to describe your experiences and skills, especially those related to application security and risk management. We appreciate a well-structured application that’s easy to read!
Apply Through Our Website:We encourage you to submit your application directly through our website. It’s the best way for us to receive your details and ensures you’re considered for the role. Plus, it shows you’re keen on joining our team at StudySmarter!
How to prepare for a job interview at Trilaty Group
✨Know Your Stuff
Make sure you brush up on your application security frameworks like OWASP SAMM and the OWASP Top 10. Be ready to discuss how these frameworks apply to real-world scenarios, especially in the context of the SDLC. This shows that you’re not just familiar with the theory but can also apply it practically.
✨Show Off Your Development Skills
Since a background in software development is crucial for this role, be prepared to share examples of your past projects. Talk about how you’ve integrated security into the development process and any specific challenges you faced. This will demonstrate your hands-on experience and passion for both development and security.
✨Communicate Clearly
You’ll need to influence various stakeholders, so practice explaining complex security concepts in simple terms. Think about how you would present security threats and mitigation strategies to non-technical team members. Clear communication can set you apart from other candidates.
✨Be Ready for Scenario Questions
Expect to tackle scenario-based questions where you might have to assess security gaps or suggest improvements. Prepare by thinking through potential vulnerabilities in applications you’ve worked on and how you would address them. This will showcase your analytical skills and ability to think critically under pressure.
