Application Security Engineer
We're helping a Crypto treasury management company who are looking for an Application Security Engineer with a strong passion for problem-solving and attention to detail. They are open to working fully remote in Europe or the UK, or on-site at their Spanish office.
- Research, learn and work with the newest tools!
- Work as part of the Security Team with a focus on application-level security
- Implement a software assurance model designed to address security defects early in the delivery pipeline
- Perform security architecture design reviews for new features and product releases
- Perform code reviews and advise developers on remediation techniques
- Be an advocate for secure coding practices across all engineering teams
- Facilitate internal training on various security topics to raise awareness and interest
- Manage external- and perform your own penetration tests, and lead remediation projects to enhance existing security features
- Improving the Secure Software Development Lifecycle, working with and keeping development teams up to date with secure coding practices
- Create documentation and presentations for security champions on the development team
Technical Experience and Qualifications Required:
- BS or MS degree in Computer Science or a related technical field
- At least 5 years in Cybersecurity and Application development
- Bachelor/Master’s Degree in Computer Science or an equivalent degree
- Experience in Security Engineering, Threat Modelling, Penetration Testing and Security Code Review
- Deep knowledge of common web application vulnerabilities (e.g. Injection Attacks, XSS, CSRF, etc.) and their mitigation strategies
- Experience in OWASP ASVS Implementation and verification
- Experience in developing web applications and Java programming
- Deep knowledge of standards and methodologies OWASP, PTES
- Experience with security assessment tools like Burp Suite, OWASP ZAP, etc.
- Experience with secure coding practices and automating security checks in pipelines
- Hands-on experience implementing and tuning SAST/DAST
- You have the ability to exploit security flaws on web applications and APIs manually
Apply for this role
All fields marked with * are required.