Search jobs
Ask us a question

How can we help?

If you have any questions please do not hesitate to get in touch. Call or email the team now.

Contact information

Apply for this job

Attach a resume file. Accepted file types are DOC, DOCX, PDF, HTML, and TXT.

We are uploading your application. It may take a few moments to read your resume. Please wait!

Ref: #42882

Application Security Engineer

  • Practice Cloud & Infrastructure

  • Technologies Infrastructure & Cloud

  • Location Malmo , Sweden

Next Ventures are currently executing a search for a n Application Security Engineer

English speaking role 
Location : Malmo 

If shortlisted, interviews are expected next week and week after Initially remote but need to be onsite when corona situation improves. 

 Primary Responsibilities:

•             Partner with Application Development, DevOps, Quality Engineering, Quality Assurance, and Infrastructure teams to support a continuous “Secure by Design” model to integrate into the full Software Development Life-cycle.

•             Discover opportunities to drive integration& automation of application& cloud security controls into CI/CD pipelines.

•             Lead vulnerability management for application and AWS cloud security and provide remediation support and security expertise.

•             Track and report security vulnerabilities and remediation activities to Security

•             Design threat models to assess security risks with new applications or features.

•             Perform application security reviews, verify cloud security configuration, and assess for secure code development.

•             Communicate technical application security concepts and recommendations to developers, architects, and functional leaders.

•             Promote secure coding practices within the software development teams.

•             Continually research and maintain awareness of current vulnerabilities, exploits, and application related cyber threats.

•             Provide support, maintenance & policy creation, for SAST, DAST, SCA, Container Security & WAF solutions.

 

Experience and Skills needed:

•             Minimum 5 years of direct experience in application security, software development security, and/or application penetration testing.

•             Application or security certifications preferred (e.g., CISSP, CCSP, CSSLP, OSCP, GWEB, CEH, etc.)

•             Experience working with fast moving Agile development teams

•             Experience in Cloud security including AWS.

•             Developing, integrating, and enabling security engineering test automation into a CI/CD pipeline.

•             Good knowledge or Development experience with Java, JavaScript, NodeJs, Angular, REST API a must.

•             Experience with any of the application security tools as SonarQube, OWASP Dependency Track, OWASP Dependency Check, Portswigger BurpSuite.

•             Experience with security in containerized infrastructure (Docker, Kubernetes, EKS)

•             Hands-on on container security tools like Anchor, Docker Bench, Kube Bench

•             Know and recognize application security issues such as cross-site scripting, cross-site request forgery, authorization, injection attacks, etc. in code and provide remediation recommendations.

•             Subject matter expert of OWASP or SANS.

more information is available on application .

Apply now