Application Security Analyst

Role purpose

To provide IT Security expertise to ensure the confidentiality, integrity and availability of PIC applications and information assets. Promote a DevSecOps approach by providing security advice and continuously assess the PIC development environment to ensure threats and vulnerabilities are within PIC tolerance levels.

Key responsibilities

• Integrate automated security analysis testing tools into the SDLC, for example SCA and SAST.
• Provide thorough security assessments and monitoring services of applications, software and APIs to identify vulnerabilities, weaknesses, and potential exploits.
• Contribute to improving the security processes and procedures to include report exceptions/risk acceptance for further review.
• Coordinate with the Development teams/third parties to fix vulnerabilities and resolve findings from security scans or penetration tests based on defined priority levels.

Requirements

Knowledge, experience, skills and abilities (technical competencies)

Ideally from a developer background as you will act as the bridge between the PIC development and security teams. you should have experience of the following:

• Understanding of languages, including one or more of Python, Java, C#, VisualBasic.NET, Matlab, R, SQL, Bash and Ruby.
• Knowledge of software composition analysis (SCA) tools.
• Knowledge of reviewing application security (SAST, DAST).

Benefits

• In addition to a competitive base salary and the opportunity to participate in our annual, performance-related bonus plan, upon joining us here at Pension Insurance Corporation, you'll get access to some great benefits, including private medical insurance, 28 days' annual leave (excluding bank holidays), a generous pension scheme and much more.
• This role offers hybrid working, and we are open to discussing flexible working arrangements too.