Application Security Engineer

Oslo, Oslo, Norway

Applications have closed

Aize AS

Aize is the workspace that allows you to visualise, navigate, collaborate and work on a digital representation of an asset

View company page

What you tell your friends you do...

"… I make sure people don’t click the “URGENT” messages in their inbox from their colleague@hacker.com"

What you will really be doing...

🎓Providing subject matter expertise on topics such as secure design, security controls, encryption, programming, and web security standards

🔨Establishing and following up processes for secure development

🔒Ensuring compliance with security standards

🛠️Training internal teams on security aspects

🖥️Working closely with the team to identify and respond to security incidents

🛡️Designing, implementing, and operating IT security tools

💪Taking ownership of parts of the ISO 27001 process


How you will be doing this…

  • Working together with a team of security professionals and developers to ensure the security of the product and our customers data.
  • Owning the CICD security pipeline and vulnerability management of the product.
  • Responsible for defining security configurations for our cloud infrastructure.

Tech

  • Containers and Kubernetes
  • Cloud based infrastructure
  • Infrastructure as code tools - Terraform, Cloud formation and / or Azure ARM, Bicep.
  • APIs (Rest and GraphQL)
  • Webapp firewalls
  • Application authentication and access control –JWT, OAuth, SCIM
  • Secure development (SAST, DAST, IAST, SCA)
  • Typescript, Angular, Java, Python, C#, Go
  • Gitlab CI/CD, Test automation

Skills & Requirements

  • Minimum 3 years of experience in cybersecurity
  • Programming skills in at least one non-scripting language
  • The ability to think like an attacker
  • Experience implementing Security Champion programs
  • Eligible for NATO security clearance
  • Experience with integrating security tooling to CI/CD
  • Experience with threat modeling
  • Experience with cloud security
  • Experience with a SaaS cloud solution product
  • Experience with DevSecOps and/or S-SDLC and of OWASP Top 10 and ASVS
  • Experience with backend and frontend systems
  • Capable of building successful relationships across different teams

We offer:

  • Money.
  • A beefy enough MacBook Pro or equivalent laptop running Windows.
  • Tech talks, lunch and learns…
  • To help you keep your money, we also chip in on your pension, pay for your travels and keep you safe with insurance.
  • Speaking of safe, we have our very own private health clinic.
  • Room for you to do things your way.
  • Lots of things you can learn through our skilled sparring partners.
  • 25 days of paid leave, so long as you promise to come back! Maybe you want to use a couple of days in one of our cabins; Gaustablikk, Beitostølen, Hafjell, Tjøme ++?
  • We like to inspire your passion by giving you the opportunity to visit events.
  • Relocation support.
  • And yes, we also have the industry standard perks such as a free phone plan, broadband at home, hardware, gym, beer, ping pong tables, great lunch, team activities, and awesome parties.

* Salary range is an estimate based on our salary survey 💰

Tags: APIs Application security Automation Azure C CI/CD Clearance Cloud Compliance DAST DevSecOps Encryption Firewalls ISO 27001 Java Kubernetes NATO OWASP Python SaaS SAST Scripting SDLC Security Clearance Terraform TypeScript Vulnerability management Windows

Perks/benefits: Gear Health care Relocation support Team events

Region: Europe
Country: Norway
Job stats:  20  3  0

More jobs like this

Explore more InfoSec/Cybersecurity career opportunities

Find open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Analysis, Cryptography, Digital Forensics and Cyber Security in general, filtered by job title or popular skill, toolset and products used.