+44 (0)207 549 4040 Speak to a consultant now

Apply for this job

Attach a resume file. Accepted file types are DOC, DOCX, PDF, HTML, and TXT.

We are uploading your application. It may take a few moments to read your resume. Please wait!

Ref: #42882

Application Security Engineer

  • Practice Cloud & Infrastructure

  • Technologies Infrastructure & Cloud

  • Location Malmo , Sweden

Next Ventures are currently executing a search for a n Application Security Engineer

English speaking role 
Location : Malmo 

If shortlisted, interviews are expected next week and week after Initially remote but need to be onsite when corona situation improves. 

 Primary Responsibilities:

•             Partner with Application Development, DevOps, Quality Engineering, Quality Assurance, and Infrastructure teams to support a continuous “Secure by Design” model to integrate into the full Software Development Life-cycle.

•             Discover opportunities to drive integration& automation of application& cloud security controls into CI/CD pipelines.

•             Lead vulnerability management for application and AWS cloud security and provide remediation support and security expertise.

•             Track and report security vulnerabilities and remediation activities to Security

•             Design threat models to assess security risks with new applications or features.

•             Perform application security reviews, verify cloud security configuration, and assess for secure code development.

•             Communicate technical application security concepts and recommendations to developers, architects, and functional leaders.

•             Promote secure coding practices within the software development teams.

•             Continually research and maintain awareness of current vulnerabilities, exploits, and application related cyber threats.

•             Provide support, maintenance & policy creation, for SAST, DAST, SCA, Container Security & WAF solutions.

 

Experience and Skills needed:

•             Minimum 5 years of direct experience in application security, software development security, and/or application penetration testing.

•             Application or security certifications preferred (e.g., CISSP, CCSP, CSSLP, OSCP, GWEB, CEH, etc.)

•             Experience working with fast moving Agile development teams

•             Experience in Cloud security including AWS.

•             Developing, integrating, and enabling security engineering test automation into a CI/CD pipeline.

•             Good knowledge or Development experience with Java, JavaScript, NodeJs, Angular, REST API a must.

•             Experience with any of the application security tools as SonarQube, OWASP Dependency Track, OWASP Dependency Check, Portswigger BurpSuite.

•             Experience with security in containerized infrastructure (Docker, Kubernetes, EKS)

•             Hands-on on container security tools like Anchor, Docker Bench, Kube Bench

•             Know and recognize application security issues such as cross-site scripting, cross-site request forgery, authorization, injection attacks, etc. in code and provide remediation recommendations.

•             Subject matter expert of OWASP or SANS.

more information is available on application .

Apply now