Senior Application Security Engineer
Cambridgeshire-based - 1-2 days a week onsite
We are looking for an experienced Senior Application Security Engineer to join our client's expanding Cyber Security team. This is an incredible opportunity to craft a world-class Application Security function, playing a critical role in embedding security within all stages of the development lifecycle.
What you'll be doing:
- Becoming a key contributor to the Cyber team by focusing on application security architecture and implementing a robust risk management programme.
- Collaborating closely with different teams to devise plans, perform threat modelling, adopt architecture best practices, drive secure development lifecycles, and manage risk remediation.
- Providing expertise in security best practices and compliance while undertaking hands-on security testing.
- Identifying application security risks and supporting requirements for new projects and system developments.
- Representing the Cyber team during review sprints to ensure application security is prioritised before deployment.
- Partnering with architecture and development teams to review application design and code for security vulnerabilities.
- Establishing and promoting a threat modelling capability to evangelise secure coding practices in the development lifecycle.
- Delivering technical advice to ensure security standards are fully understood and complied with across teams.
- Developing and integrating security testing plans into the Secure Software Development Lifecycle (S-SDLC).
- Performing and overseeing security testing while managing remediation plans for identified vulnerabilities.
What we're looking for:
- Experience in Software Engineering and Application Security.
- In-depth understanding of application security vulnerabilities, testing techniques, and familiarity with the OWASP framework.
- Deep expertise in secure web application development and Agile development methodologies.
- Exceptional communication and influencing skills, capable of collaborating effectively up to senior management levels.
- Comprehensive knowledge of IT and information security disciplines, with an ability to promote and deliver security awareness initiatives.
- Experience working with the hacker/penetration testing community is desirable.
If you are passionate about driving secure-by-design initiatives and want to work in a team that values innovation and collaboration, we'd love to hear from you.
Please apply with a copy of your CV or email - (url removed)