Application Security Engineer

What you tell your friends you do...

"… I make sure people don’t click the “URGENT” messages in their inbox from their colleague@hacker.com"

What you will really be doing...

🎓Providing subject matter expertise on topics such as secure design, security controls, encryption, programming, and web security standards

🔨Establishing and following up processes for secure development

🔒Ensuring compliance with security standards

🛠️Training internal teams on security aspects

🖥️Working closely with the team to identify and respond to security incidents

🛡️Designing, implementing, and operating IT security tools

💪Taking ownership of parts of the ISO 27001 process

How you will be doing this…

• Working together with a team of security professionals and developers to ensure the security of the product and our customers data.
• Owning the CICD security pipeline and vulnerability management of the product.
• Responsible for defining security configurations for our cloud infrastructure.
  
  

Tech

• Containers and Kubernetes
• Cloud based infrastructure
• Infrastructure as code tools - Terraform, Cloud formation and / or Azure ARM, Bicep.
• APIs (Rest and GraphQL)
• Webapp firewalls
• Application authentication and access control –JWT, OAuth, SCIM
• Secure development (SAST, DAST, IAST, SCA)
• Typescript, Angular, Java, Python, C#, Go
• Gitlab CI/CD, Test automation
  
  

Skills & Requirements

• Minimum 3 years of experience in cybersecurity
• Programming skills in at least one non-scripting language
• The ability to think like an attacker
• Experience implementing Security Champion programs
• Eligible for NATO security clearance
• Experience with integrating security tooling to CI/CD
• Experience with threat modeling
• Experience with cloud security
• Experience with a SaaS cloud solution product
• Experience with DevSecOps and/or S-SDLC and of OWASP Top 10 and ASVS
• Experience with backend and frontend systems
• Capable of building successful relationships across different teams
  
  

We offer:

• Money.
• A beefy enough MacBook Pro or equivalent laptop running Windows.
• Tech talks, lunch and learns…
• To help you keep your money, we also chip in on your pension, pay for your travels and keep you safe with insurance.
• Speaking of safe, we have our very own private health clinic.
• Room for you to do things your way.
• Lots of things you can learn through our skilled sparring partners.
• 25 days of paid leave, so long as you promise to come back! Maybe you want to use a couple of days in one of our cabins; Gaustablikk, Beitostølen, Hafjell, Tjøme ++?
• We like to inspire your passion by giving you the opportunity to visit events.
• Relocation support.
• And yes, we also have the industry standard perks such as a free phone plan, broadband at home, hardware, gym, beer, ping pong tables, great lunch, team activities, and awesome parties.