Job Description:
We are seeking a skilled Application Security Engineer to join our customers team in Dublin. The Application Security Engineer will play a crucial role in ensuring the security of our customers applications and software systems.
In this role, you will inspect and lower security risks in our customer's applications. You will examine the code for security issues, use the best security methods, and help development teams strengthen their security. You will perform vulnerability assessments, recommend remediation actions, and ensure compliance with industry best practices and standards. The ideal candidate has robust knowledge of secure coding practices, application vulnerabilities, and security assessment tools.
This role will operate on a hybrid model, with 3 days working in the office and two days from home.
Key responsibilities & duties include:
- Application Security Assessment: Carefully examine the security of web, mobile, and desktop applications. Identify and evaluate any vulnerabilities or potential security risks. Perform static code analysis, dynamic application testing, and manual code reviews to uncover security weaknesses and recommend appropriate remediation actions
- Vulnerability Management: Identify and prioritise application vulnerabilities based on risk levels and potential impact. Collaborate with development teams to ensure timely resolution of identified vulnerabilities and track the progress of remediation efforts. Develop and implement vulnerability management processes and procedures
- Security Code Review: Review application code to identify security flaws, design weaknesses, and deviations from secure coding best practices. Provide guidance and recommendations to development teams on secure coding techniques, libraries, and frameworks to ensure the development of secure and resilient applications
- Security Architecture and Design: Collaborate with software architects and development teams to embed security controls and mechanisms into application designs. Participate in the design and implementation of secure software architectures, ensuring that security requirements and industry best practices are incorporated from the early stages of the development lifecycle
- Security Testing and Automation: Develop and implement automated security testing tools and frameworks to enhance the efficiency and efficiency of security assessments. Conduct application testing and vulnerability scanning to identify potential vulnerabilities and ensure the security robustness of applications
- Security Awareness and Training: Contribute to the development and delivery of security awareness and training programs for development teams. Promote a culture of secure coding practices, providing guidance on secure coding standards, secure software development methodologies, and emerging security trends
- Incident Response and Forensics: Assist in incident response activities related to application security incidents. Collaborate with incident response teams to investigate and examine security incidents, perform forensic analysis, and recommend improvements to prevent future incidents
- Security Compliance and Standards: Stay up to date with industry security standards, regulations, and frameworks relevant to application security. Ensure compliance with security standards such as OWASP, PCI DSS, and GDPR, and participate in security audits and assessments as required
Required Experience:
- Bachelor's degree in Computer Science, Information Security, or a related field
- Solid knowledge and awareness of application security principles, secure coding practices, and common vulnerabilities
- Hands-on experience with application security assessment tools
- Experience in performing security code reviews and manual application penetration testing
- Solid knowledge of secure software development lifecycle (SDLC) methodologies
- Familiarity with programming languages (e.g., Java, .NET, Python, JavaScript) and web technologies (e.g., HTML, CSS, REST, SOAP)
- Knowledge of secure coding practices for web and mobile applications
- Awareness of cloud security concepts and technologies (AWS, Azure, or similar)
- Exemplary management and delegation skills; influencing and managing activities as part of a cross functional areas to plan and execute effective delivery
- Impressive communication skills, with a robust ability to successfully communicate both internally and externally at levels up to Director and C Suite, and ability to make complex technology problem simple to the business. Must be capable of comprehending and communicating the big picture