An exciting opportunity to join a leading Technology company and play an influential part in their continued commitment to Application Security.
You will have an expert background in Application Security built from extensive commercial experience, but ultimately you will be a software engineer at heart with a passion for technology - non programmers will not be considered!
Core Technical Skills (desired):
* Strong commercial AWS experience (other public cloud experience considered a real bonus)
* Hands-on experience with security tools such as: Kali Linux, Metasploit, Burp Suite, Wireshark, sqlmap, Nessus, Maltego, MobSF, PyTM, CyberArk, Zero Attack Proxy, Imperva etc.
* MongoDB, SQL server, JBoss
* Linux & Docker
* Confluence and JIRA APIs
* Solid understanding of software composition analysis
* Commercial experience developing proof-of-concept exploitation scripts for know vulnerabilities
* Familiarity with Mitre Top 25 and CVSS frameworks, mapping to business risk
* Experience triaging vulnerabilities with engineering teams
* Ability to write prescriptive remediation steps for vulnerabilities and weaknesses
* Experience in implementing end to end DevSecOps life cycle and tooling
* A good communicator with solid written and oral communication skills
* A team player who is not afraid to get stuck in and work collaboratively
* An ability to speak to business risk when assessing software vulnerabilities