Application Security Engineer - I
TideOur award-winning business account gives time back to people who work for themselves. Join our community of entrepreneurs just like you!
First and foremost you will be passionate about security and secure application design. You will love helping engineers create more secure web and mobile applications.
You will be comfortable explaining security issues and concerns to both product owners and engineers and love the feeling you get when this results in them releasing a more resilient product.
You will be a keen proponent of using automation in software build and deployment pipelines to ensure that any new release is tested for security bugs and bug classes before it hits production.
You will be a keen follower of all things Infosec and constantly be on the lookout for ways to apply new industry trends and tools to your day to day role.
Some of the things you’ll be doing:
- Building security into our CI\CD pipeline
- Owning and defining Tide’s threat modelling methodology, and embedding this across Tide’s engineering community
- Liaising with finders on Tide’s bug bounty program and helping decide a suitable reward for anything identified as in scope
- Performing application security design evaluations and code reviews, and providing subject matter expertise around these topics
- Owning and nurturing the relationship between Information Security and Engineering, and developing good working practices between the two teams
- Improving Tide’s engineering standards in line with industry best practices by embedding a secure by default approach into all stages of the development lifecycle
- Evaluating, implementing and managing 3rd party application security tools that complement Tide’s existing technology stack
- Developing a repository of tailored application security training content for consumption by Tide’s engineering community
- Balancing information security risk with product feature advancement, and incorporating the use of best-practice risk management methodology within the development process
What you’ll get in return:
- Competitive salary
- Health Insurance, Life insurance and Accident insurance
- 25 days annual leaves
- Enhanced family-friendly leave
- Special Dental Allowance
- Learning & Development Budget
- Stock Options
You’ll be a great fit if:
- You are able to intuitively find flaws in software and can effectively communicate how to fix them
- You have the ability to think like an attacker and use that context to develop threat models
- You can enable other engineering teams to find flaws before they are introduced into production
- You have technical knowledge in one of the following: cloud security, web application security, mobile security
- You have knowledge of secure coding and best practices
- You have a hands-on attitude and the ability to drive solutions to completion
- You have experience with OWASP frameworks, static & dynamic analysis, and common exploitation methods
- You may have knowledge of OWASP SAMM
- You may have experience working within the Fintech sector
- You may have worked within a fast scaling business
- You may have familiarity with fuzzing as a way to find bugs
- You have software engineering experience in an agile environment
Who are Tide?
We’re the UK’s leading provider of smart current accounts for sole traders and small companies. We’re also on a mission to save business owners time and money on their banking and finance admin so they can get back to doing what they love - for too long, these customers have been under-served by the big banks.
Our offices are in London, UK, Sofia, Bulgaria, Hyderabad and Gurugram, India, where our teams are dedicated to our small business members, revolutionizing business banking for SMEs. We are also the leading provider of UK SME business accounts and one of the fastest-growing fintechs in the UK.
We’re scaling at speed with a focus on hiring talented individuals with a growth mindset and ownership mentality, who are able to juggle multiple and sometimes changing priorities. Our values show our commitment to working as one team, working collaboratively to take action and deliver results. Member first, we are passionate about our members and put them first. We are data-driven, we make decisions, creating insight using data.
We’re also one of LinkedIn’s top 10 hottest UK companies to work for.
Here’s what we think about diversity and inclusion…
We build our services for all types of small business owners. We aim to be as diverse as our members so we hire people from a variety of backgrounds. We’re proud that our diversity not only reflects our multicultural society but that this breadth of experience makes us awesome at solving problems. Everyone here has a voice and you’ll be able to make a difference. If you share our values and want to help small businesses, you’ll make an amazing Tidean.
A note on the future of work at Tide:
Tide’s offices are beginning to open for Tideans to return on a voluntary basis. Timelines for reopening will be unique for each region and will be based on region-specific guidelines. The health and well-being of Tideans and candidates is our primary concern, therefore, for the foreseeable future, we have transitioned all interviews and onboarding to be conducted via Zoom.
Once offices are fully open, Tideans will be able to choose to work from the office or remotely, with the requirement that they visit the office or participate in face-to-face team activities several times per month.
Other jobs like this
Senior Application Security Engineer (BE - Java Code Audit)Application security Auditing Audits Blockchain Code analysis Crypto Finance Java Vulnerabilities
Career development Competitive pay Flat hierarchy Flex hours Relocation
Explore more Cyber Security career opportunities
Find open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Analysis, Cryptography, Digital Forensics and Cybersecurity in general, filtered by job title or popular skill, toolset and products used.
- Open Cyber Security Engineer jobs
- Open Staff Application Security Engineer jobs
- Open Penetration Tester jobs
- Open Senior DevSecOps Engineer jobs
- Open Application Security Engineer/Architect jobs
- Open Senior Security Operations Engineer jobs
- Open Cyber Threat Intelligence Analyst jobs
- Open Head of Information Security jobs
- Open Senior Information Security Engineer jobs
- Open Lead Security Engineer jobs
- Open Staff Security Engineer jobs
- Open SOC Analyst jobs
- Open Cyber Security Analyst jobs
- Open Information System Security Officer (ISSO) jobs
- Open Cybersecurity Engineer jobs
- Open Senior Penetration Tester jobs
- Open Sr. Security Engineer jobs
- Open Senior Threat Intelligence Analyst jobs
- Open Cloud Security Automation Specialist jobs
- Open Offensive Security Engineer jobs
- Open Information Security Officer jobs
- Open Azure Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Cloud Security Operations Lead jobs
- Open Cybersecurity Analyst jobs
- Open DevOps-related jobs
- Open Application security-related jobs
- Open Analytics-related jobs
- Open Audits-related jobs
- Open PCI-related jobs
- Open OWASP-related jobs
- Open Threat intelligence-related jobs
- Open Clearance-related jobs
- Open Security assessments-related jobs
- Open IDS-related jobs
- Open Forensics-related jobs
- Open Splunk-related jobs
- Open Ruby-related jobs
- Open Encryption-related jobs
- Open CEH-related jobs
- Open CISM-related jobs
- Open GDPR-related jobs
- Open Agile-related jobs
- Open Threat detection-related jobs
- Open Open Source-related jobs
- Open OSCP-related jobs
- Open Intrusion detection-related jobs
- Open DevSecOps-related jobs
- Open Machine Learning-related jobs