Senior Application Security Engineer
Senior Application Security Engineer
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Not Disclosed
Salary Not Disclosed
1 Vacancy
Job Description
Experian Global Security Office are looking for an experienced Senior Application Security Engineer to enhance our application security processes with emphasis on business engagement.
You will be responsible for static SCA and dynamic scanning collaborating with software engineers provide flaw mitigation recommendations and implementing automated security controls throughout the development lifecycle and CI/CD pipelines. Ensure the Software Security Policy and Baseline requirements are met for new Agile deliveries and for legacy estate with flaws and issues managed throughout all stages of an applications life.
This is a remote UK-based position reporting to the Manager of Application Security
Main Responsibilities
- Collaborate with software engineers and leadership to address security risks and provide mitigation recommendations within the Secure Development Lifecycle (SDLC).
- Work with development teams to understand their needs and the risk profile for each application and customize solutions to meet the needs of the application
- Collaborate on the implementation and management of SAST SCA DAST and other scanning solutions to provide coverage for the application portfolio
- Guide development teams through a review of their applications and risks against common application flaws (e.g. OWASP Top 10) and provide prioritized visibility to senior management along with context
- Operate as an advocate for Security in interactions with internal and external teams
- Work with Risk & Compliance teams on audits (e.g. SOC 2 PCI-DSS HIPAA) and recommend relevant Application Security policy and procedures
- Contribute to internal and external/client audits ensuring compliance with security standards
- Lead projects to implement security technologies enterprise-wide
- Integrate 3rd party and build custom solutions into our CI/CD pipelines and development cycles.
- Define security guardrails through automated tool policies Service level agreements custom rules and support the developer community
- Support the enterprise in managing vulnerabilities through automated tooling and security assessments
- Work with Security Champions to build relationships and ensure main activities are supported and deliverables are achieved promptly.
Qualifications :
- Direct experience in enterprise-level application security.
- Experience in AppSec or DevSecOps collaborating and presenting to developers supporting development teams to adopt and mature secure development practices
- Proficiency with SAST SCA DAST IAST RASP and others tools associated with DevSecOp.
- Experience with programming and software development including CI/CD pipelines and related technologies such as Git Jekins Maven Chef Puppet Ansible Nexus Artifactory and NPM
- Experience overseeing the linking of applications between different departments and systems
- Understanding of MITRE OWASP SafeCode and risk management methodologies as they relate to integration/software testing.
- Good project management skills or substantial exposure to project-based work structures project lifecycle models
- Knowledge of cloud and GenAI security is an advantage.
Additional Information :
Benefits package includes:
- Great compensation package and discretionary bonus plan
- Core benefits include pension bupa healthcare sharesave scheme and more
- 25 days annual leave with 8 bank holidays and 3 volunteering days. You can purchase additional annual leave.
Experian is proud to be an Equal Opportunity and Affirmative Action employer. Innovation is an important part of Experians DNA and practices and our diverse workforce drives our success. Everyone can succeed at Experian and bring their whole self to work irrespective of their gender ethnicity religion colour sexuality physical ability or age. If you have a disability or special need that requires accommodation please let us know at the earliest opportunity.
Experian Careers - Creating a better tomorrow together
Find out what its like to work for Experian by clicking here
Remote Work :
No
Employment Type :
Full-time
Employment Type
Full-time
