Senior Application Security Engineer
Senior Application Security Engineer
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
We are seeking an experienced Application Security Engineer to enhance our application security processes with a strong emphasis on business engagement. This role requires excellent communication skills to effectively interact with business unit leaders and executives. The ideal candidate will be responsible for static SCA and dynamic scanning collaborating with software engineers provide flaw mitigation recommendations and implementing automated security controls throughout the development lifecycle and CI/CD pipelines. Ensure the Software Security Policy and Baseline requirements are met for new agile deliveries and for legacy estate with flaws and issues managed effectively throughout all stages of an applications life.
Reporting Relationship
Reports to the Manager of Application Security
Key Responsibilities
Collaborate with software engineers and leadership to address security risks and provide mitigation recommendations within the Secure Development Lifecycle (SDLC).
Work closely with development teams to understand their needs and the risk profile for each application and customize solutions to meet the needs of the application
Collaborate on the implementation and management of SAST SCA DAST and other scanning solutions to provide coverage for the application portfolio
Guide development teams through a review of their applications and risks against common application flaws (e.g. OWASP Top 10) and provide prioritized visibility to senior management along with context
Operate as an advocate for Security in interactions with internal and external teams
Work with Risk & Compliance teams on audits (e.g. SOC 2 PCIDSS HIPAA) and recommend relevant Application Security policy and procedures
Actively contribute to internal and external/client audits ensuring compliance with security standards
Lead projects to implement security technologies enterprisewide
Integrate 3rd party and build custom solutions into our CI/CD pipelines and development cycles.
Define security guardrails through automated tool policies SLAs custom rules and support the developer community
Support the enterprise in managing vulnerabilities through automated tooling and security assessments
Work with Security Champions to build relationships and ensure key activities are supported and deliverables are achieved in a timely manner.
Support education and awareness strategy rollout for Development community.
Support the AppSec technical team in maximizing effective relationship with Business Units
Explore and engage in process improvement initiatives to enhance application security
Qualifications :
Position Requirements
Education & Certification
Fouryear college diploma or university degree in computer science or computer engineering and/or 5 years equivalent work experience in application development.
CSSLP certification preferred.
Additional certifications in Application Testing Mechanisms are a plus.
Knowledge & Experience
5 years direct experience in enterpriselevel application security.
Proficiency with SAST SCA DAST IAST RASP tooling.
Experience in AppSec or DevSecOps.
Experience with CI/CD pipelinesand cloudbased architectures.
Proven experience in overseeing the linking of crossfunctional applications between disparate business units and systems.
Experience with business and technical requirements analysis business process modeling/mapping methodology development and data mapping.
Strong understanding and background in MITRE OWASP SafeCode risk management methodologies as they relate to integration/software testing.
Good project management skills and/or substantial exposure to projectbased work structures project lifecycle models etc.
Strong understanding of enduser needs and requirements.
Excellent understanding of the organizations goals and objectives.
Knowledge of cloud and GenAI security is an advantage.
Personal Attributes
Exceptional oral and interpersonal communication skills.
Additional Information :
Additional Information
Why choose us
Our colleagues health and wellbeing are a top priority for us thats why our reward benefits and wellbeing programmes are designed so you can come to work feeling your very best self. Our benefits focus on health money and lifestyle so you can tailor your benefits to your own personal needs. Whether its your physical and mental wellness getting to work or preparing for the next big milestone in your life we have a range of flexible options to have you covered!
To learn more about our culture and what its really like to work here check out our interactive guide here:
Could this be the role for you Apply now to start your journey with Experian.
Experian Careers Creating a better tomorrow together
Find out what its like to work for Experian by clicking here
Remote Work :
No
Employment Type :
Fulltime
Employment Type
Full-time
