IT Industry News. Daily.
As a Secure Application Specialist, you will work collaboratively with the entire Technology team, although this may extend to other teams and other other systems, to drive our internal information security program and cyber resilience goals.
You’ll help us scale our information security program and compliance efforts by being a proactive, force multiplier across teams, especially our engineering teams who are building our various products and services. This role will focus on playing a key role in identifying security vulnerabilities as early as possible, and working with the teams to educate on these vulnerabilities and improve our coding practices to shift security as far left in the development process as possible.Design and implement security solutions for applications and infrastructure.Collaborate with development teams to ensure secure coding practices.Conduct regular security assessments of APIs and remediate vulnerabilities.Ensure compliance with PCI DSS standards and other regulatory requirements.Assist with documenting and maintaining security policies, procedures, and standards, especially with regard to the scope of the role.Regularly conduct vulnerability assessments and penetration tests across all systems.Incident Response and MonitoringImplement and manage security monitoring tools such as SIEM and IDS/IPS.Write secure code and develop security tools and scripts.Integrate security tools into CI/CD pipelines.Participate in security research and development activities.Secure Coding Techniques and Best PracticesAssist with creating guides, standards, and other content to support teams in this regard.We’re looking for someone who has:Minimum of 4-6 years of experience in information security engineering.Very good penetration testing skills, with a focus on cloud-based technologies.Relevant certifications such as CEH, OSCP, CREST or CSSLP. Proficiency in security tools such as SIEM, IDS/IPS, and firewalls, and general networking good practice.Excellent problem-solving and analytical skills.A deep understanding of application security, especially within API’s and financial and/or e-commerce platforms. A deep understanding of various coding languages and software deployment strategies particularly within cloud environments . A deep understanding of Penetration Testing and vulnerability assessment techniques and how to grow and scale these techniques in automated fashion, while still maintaining the value that can only be achieved from manual testing.The ability to work under pressure and in a dynamic, fast-paced environment.In the near future you’ll be focusing on: In the first 3 to 6 months, the Security Engineer will undergo comprehensive onboarding and training, familiarizing themselves with company policies, procedures, and security standards. They will set up their work environment, meet key stakeholders, and review existing security documentation and architecture. Initial tasks include participating in security monitoring, incident response, and assessing API and general system/network security through various vulnerability assessments and penetration tests. They will ensure compliance with PCI DSS standards through regular audits and contribute to ongoing security projects. The role involves developing and automating security tools, integrating them into CI/CD pipelines, and leading advanced security initiatives. The engineer will also assist in updating security policies, provide training on secure coding practices, and stay updated with the latest security trends. Effective communication with stakeholders and cross-functional collaboration will be key, fostering a culture of security awareness and continuous improvement.
United Kingdom Latest News, United Kingdom Headlines
Similar News:You can also read news stories similar to this one that we have collected from other news sources.
Software Engineer (Go, Java, C/C++) (CPT Hybrid)IT Industry News. Daily.
Read more »
Senior Java Software Engineer (Remote)IT Industry News. Daily.
Read more »
Software Engineer - Western Cape StellenboschIT Industry News. Daily.
Read more »
Software Engineer - IT-OnlineIT Industry News. Daily.
Read more »
Senior Software Engineer - IT-OnlineIT Industry News. Daily.
Read more »
Senior Security Engineer - IT-OnlineIT Industry News. Daily.
Read more »