Senior Application Security Engineer
Share
Job Location:
Monthly Salary:
Posted on:
2 days ago
Vacancies:
1 Vacancy
Job Summary
Ready to shape the future of data
Matillion is the intelligent data integration platform.
Were changing how the world works with data and we need driven curious people who think big and move fast.
We built the Data Productivity Cloud to supercharge data productivity and now were shaping the future of data engineering with Maia our AI-powered virtual data engineers that help teams design build and manage data pipelines at unmatched speed.
Join #TeamGreen where the mission comes first collaboration drives us forward and everyone pulls in the same direction to make a dent in the universe bigger than ourselves.
Role Purpose
Matillion is built around small development teams utilising a modern cloud-based technology stack to deliver products. The AppSec Engineer will work in an engineering capacity to product and engineering teams to ensure security is baked into the product from the design phase creating a SecDevOps workflow.
What you will be doing
Design
Establish and lead security champions programme across the development squads
Build functional and nonfunctional requirements for the application in conjunction with the product team
Input abuse case stories into the product backlog
Evangelise security across the product team ensuring security stories are prioritised against feature goals
Assess SDLC security gap risks and propose remedies
Consult
Instruct and guide developers on how to conduct Threat Modelling during application Design
Act as the single point of contact for security concerns arising from the development team providing advice on how to solve technical software issues
Lead the pentesting cadence around the core application set by conducting hacking exercises
Provide application code reviews against known development frameworks such as OWASP ASVS
Provide input into the design of functional and non-functional security controls such as customer authentication workflows
Run Security Champion sessions to keep developers aware of security developments
Engineer
Establish security into the CICD pipeline such as SAST/IAST/DAST
Automate and build nifty security tools to test Matillion applications
Integrate testing build failures and outputs to the development team to ensure passage to production is secure
Create security tests for code and assist developers in building security unit testing
Support
Responsive support to the development teams
Analysis of logs to identify issues and provide solutions
Innovation
Research projects including prototyping to explore future opportunities
Investigate new technologies
Optimise the infrastructure deployment process through use of automation in-house and open source solutions
Self-Development and Growth
Develop new skills by working with other members of the team
Work with the Team Lead to identify training goals
Lead and partake in technical discussions within the team
Actively identify and complete opportunities for self-training and external training
Drive the teams process of continual improvement
What we are looking for
Technical / Role Specific
Essential
A passion and drive to succeed in Application Security
Understanding of Software Development Life Cycle
Desirable
Security professional at heart borne froma software engineering background
Experience of working with the OWASP ASVS framework
Experience in Agile delivery environments
Greenfield experience setting up security technologies from scratch
Outgoing and able to build relationships with key stakeholders
Personal Capabilities Required e.g. skills attitude strengths
Can do attitude willing to take on a wide range of security issues
Keeps up to date with security developments
Keen to engage with the security community on a range of topics
Fast learner
At Matillion were here to do something hard - change the way the world works with data and build a great company along the way. Big bold goals arent for the faint-hearted and we dont shy away from them. But we dont do it alone. No egos no politics - just great people working together guided by our six core values;
- Confidence without arrogance
- Working with integrity
- Customer obsessed
- Innovate and demand quality
- Bias for action
- We care
We operate a flexible working culture that promotes work-life balance with benefits including:
- Company Equity
- 27 days paid time off
- 12 days of Company Holiday
- 5 days paid volunteering leave
- Group Mediclaim (GMC)
- Enhanced parental leave policies
- MacBook Pro
- Access to various tools to aid your career development
More about Matillion
Thousands of enterprises including Cisco London Stock Exchange Group EDF and Slack trust Matillion for a wide range of use cases from insights and operational analytics to data science machine learning and AI. We are a truly global workforce dual headquartered in Manchester UK and Denver Colorado with expanding offices in Hyderabad India along with valuable remote colleagues around the world.
We are keen to hear from prospective Matillioners so even if you dont feel you match all the criteria please apply and a member of our Talent Acquisition team will be in touch. Alternatively if youre interested in Matillion but dont see a suitable role please email emailprotected.
Find out more about life on #TeamGreen here.
Matillion is an equal opportunity employer. We celebrate diversity and we are committed to creating an inclusive environment for all of our team. Matillion prohibits discrimination and harassment of any type. Matillion does not discriminate on the basis of race colour religion age sex national origin disability status genetics sexual orientation gender identity or expression or any other characteristic protected by law.
Required Experience:
Senior IC
Key Skills
- Continuous Integration
- SQL
- .NET
- Debugging
- C/C++
- Go
- Root cause Analysis
- ASP.NET
- C#
- Application Development
- JavaScript
- Teradata
About Company
Matillion helps teams get data business-ready, faster. Thousands of enterprises trust us to load, transform, sync, and orchestrate their data in the cloud.
