Application Security Engineer

London, United Kingdom

Applications have closed

FlexTrade

FlexTrade offers tailored solutions for every trading challenge on both the buy-side & sell-side. Contact us today to unlock your full trading potential.

View company page

The Team

The Global Information Security team’s mission is to ensure FlexTrade and client’s security globally and to ensure solutions implemented by FlexTraders are secure and fulfill FlexTrade’s mission – Trade Your Best.

About You

FlexTrade Global Information Security is looking for an Application Security Engineer who loves what they do. Reporting to the Global Information Security Manager, you’ll work with FlexTraders globally. The primary focus will be on ensuring FlexTrade internal applications are secure

Responsibilities

  • Understand the end-to-end design of all company products
  • Perform static application security testing (SAST) of the code base
  • Perform dynamic application security testing (DAST) using open source and commercial tools
  • Identify and help developers understand how to mitigate vulnerabilities originating from third party components
  • Review security alerts and reports and work closely with the DevOps team to design workflows

Requirements

Skills & Experience

  • 3 -5 years of experience with application security/penetration testing work.
  • Experience using common application security testing tools and techniques to perform security assessments across web/mobile/API technologies.
  • Experience identifying security issues, assessing risk, and providing remediation guidance.
  • Experience working with Agile development/Scrum teams.
  • Have hands-on experience with various programming languages such as C++, Java and python.
  • Have knowledge of Software development life cycle
  • Have hands-on experience with DevSecOps and securing the CI/CD pipeline.
  • Have knowledge of Application Security Best practices and guidelines such as OWASP Application Security Verification Standard (ASVS) and OAuth2.
  • Experience with automation tools (e.g., Jenkins, Bamboo, GitLab, Kubernetes, Ansible, Chef, Puppet)
  • Understanding of cloud technology (Azure/AWS)

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Tags: Agile Ansible APIs Application security Automation AWS Azure C CI/CD Cloud DAST DevOps DevSecOps Java Kubernetes Open Source OWASP Pentesting Puppet Python SAST Scrum Security assessment Vulnerabilities

Region: Europe
Country: United Kingdom
Job stats:  17  5  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.