Application Security Specialist
- Employer
- Nicolson Bray
- Location
- Milton Keynes, Buckinghamshire
- Salary
- Negotiable depending on experience
- Closing date
- 28 May 2019
View more
- Sector
- IT, Logistics, Security
- Job Role
- Application Security
- Job Type
- Permanent
You need to sign in or create an account to save a job.
THE ROLE
As the application security specialist, you will the technical lead for application security across Europe. As such you will be responsible for internally executed SAST and DAST scanning, externally executed penetration testing and secure coding. You will be working as part of a growing global team in an exciting technology led environment.
Duties and responsibilities:
- Working with a number of technical stakeholders to:
- integrate Security controls into the SDLC
- guide and perform security activities including risk assessments, intrusion attempts, vulnerability testing and analysis, code review, static and dynamic code testing, and penetration testing of mobile and web applications;
- provide responses and action plans to external security assessments
- Scoping penetration tests and analysing the results
- Carrying out SAST and DAST scanning using the in-house toolset, and reviewing the results
- Prioritising all application security vulnerabilities and co-ordinating with development and project teams to ensure they are remediated in a timely manner
- Educating the development community on secure coding practices
SKILLS AND EXPERIENCE REQUIRED
- Experience with DAST, SAST and MAST scanners
- Good working knowledge of OWASP and familiarity with SecDevOps
- Knowledge of and experience with commercial and open source application security tools such as IBM Appscan, Veracode, Metasploit, Checkmarx, QARK, Burp Suite, Arachni, Nikto, Retina, BlackDuck, Nmap, Kali Linux, and Wireshark
- Knowledge and experience in application security testing including penetration testing and code review
- Understanding of securing applications in a cloud environment
- Deep knowledge of security technologies, protocols and controls such as, firewall management, system hardening, encryption, PKI, IDS/IPS, Application firewalls, different type of attacks
- Working knowledge of a variety of programming languages
- Excellent communicator and influencer
- Degree educated or equivalent work experience
- CISSP, GPEN, GWAPT, OSCP, CEH, CHECK certified
You need to sign in or create an account to save a job.
Get job alerts
Create a job alert and receive personalised job recommendations straight to your inbox.
Create alert