Application Security Engineer
London, England, United Kingdom
Applications have closed
Codat
Codat’s universal API connects you to all of the systems your small business customers use with a single integration.
What we do at Codat
Our mission is to make life easier for small and medium-sized businesses, the backbone of our global economy.
We do that by working with fintech companies and financial institutions to help them connect into the systems their small business customers use. With this connectivity, our clients are building next generation products to take the friction out of running a small business, from business management software to alternative lending and corporate cards.
Codat is a Series C-funded company, backed by some of the leading investors and most successful tech companies in the world, including J.P. Morgan, Shopify, Plaid, PayPal Ventures, Amex Ventures, Index Ventures and Tiger Global. We have offices in London, New York and Sydney.
We live by our values of being united as a single team, building a product that is useful to our clients and their customers alike, and bringing a focus and urgency to our work that makes us unstoppable.
What you will be doing
- Designing and implementing scalable security solutions for our core infrastructure
- Developing and maintaining software application security policies and procedures
- Participating in and supporting application security reviews and threat modeling, including code review and dynamic testing.
- Owning and performing application security vulnerability management.
- Supporting the bug bounty program.
- Supporting and consulting with product and development teams in the area of application security.
- Assisting in the creation of security training.
- Assisting in the development of automated security testing to validate that secure coding best practices are being used
- Improving the company’s ability to respond to threats through technology selection, internal product development and implementations with an emphasis on automation.
- Developing processes, procedures and playbooks that will be used during an incident response process
What we’re up to right now
We anticipate massive growth in both people and products over the next few years. Where our Product and Engineering organization focuses on delivering new product functionality, our application security team needs to ensure that the entire platform is always secure by default, by coordinating/leading the efforts of many and directing them towards a focused outcome.
What excites us
- Familiarity with common security libraries, security controls, and common security flaws.
- Development and scripting experience. C# .NET and/or Python is preferred.
- Experience with OWASP ASVS, static/dynamic analysis, and common security tools.
- Experience working with developers.
- Excellent and professional communication skills (written and verbal) with an ability to articulate complex topics in a clear and concise manner.
- Experience identifying security issues through code review.
- CompTIA PenTest+, CASP+, or similar certifications such as CISSP, CISM, GCIH.
- You are confident representing your ideas and opinions in a manner that can be challenged, and you respond well to feedback.
- You have built out detection and response programs for a SaaS or cloud-native company
Salary banding
£90,000 - £96,000 / year
If you are excited about applying for this role but aren't certain you meet 100% of the criteria, we'd still love to hear from you.
Tags: Application security Automation C CASP+ CISM CISSP Cloud CompTIA FinTech GCIH Incident response OWASP Python SaaS Scripting Vulnerability management