Application Security Specialist


Ref: 1131

Tuesday 3 May 2022


Net Talent are working with a pioneering technology company that specialises in software for electrical utilities across the UK, Europe, and North America. Our client is looking to add an Application Security Specialist to their team.

Working closely with our architects, software engineering and DevOps teams, you will provide expertise to inform and validate the secure design and development of the SGS platform and applications. The position reports to the Director of Information Security.

 

Responsibilities and Objectives

• Ensure that application security is embedded into the software delivery lifecycle

• Support secure product architecture & design functions

• Lead and facilitate application security reviews and threat modelling 

• Plan and deliver developer security training in secure coding techniques

• Work with our DevOps team in the development of automated security testing

• Develop, maintain and exercise regular vulnerability analysis and security auditing of products

• Perform secure code reviews

• Develop functional security testing scripts and procedures and find opportunities to automate security testing and processes

• Identify inherent vulnerabilities and information security risks within systems and applications

• Support commercial functions by contributing to bids & reviews

• Align the company products & policies with known industry security standards

• Maintain an inventory of all product software components, including their security status, and ensure the timely sunsetting of unsupported components

• Advise on third party product security compliance and suitability

 

Required Skills and experience:

• Experience of web and application security

• Experience of security tools including static/dynamic analysis, and common security tools

• Good understanding of secure coding methodologies

• Understanding of cryptography and TLS certificate lifecycle management

• Experience with agile software development practices and methodologies

• Understanding of network and web related protocols (such as TCP/IP, UDP, HTTP and HTTPS). Experience with industrial protocols is desirable.

• Experience identifying security issues through code review

• Excellent communication skills with an ability to communicate clearly on technical topics to the wider business

• Experience in conducting and managing application security risk

• Exposure to industry standards e.g.

 

Location: Glasgow

Job Type: Full time, Permanent

 

Compensation and Benefits

✓ Competitive salary, dependent upon experience

✓ 33 days holiday (inclusive of 3 public days)

✓ 5% matched Employer pension scheme

✓ Private Medical Insurance through Vitality

✓ Life Cover (3x)

✓ Cyclescheme