Application Security Engineer (PAE) (Contract)

[What the role is]

We are seeking an experienced Application Security Engineer to be part of the Platforms Architecture & Engineering (PAE) and strengthen our organisation's security posture by implementing robust security measures throughout our software development lifecycle. The ideal candidate will work closely with development teams and operation teams to ensure security is embedded in our applications from design to deployment.

[What you will be working on]

In This Position, You Will:

• Conduct security assessments, threat modelling, and code reviews to identify vulnerabilities in applications
• Design and implement security controls, authentication mechanisms, and encryption solutions
• Develop and maintain secure coding guidelines and security standards
• Collaborate with development teams to remediate security issues and provide guidance on secure coding practices
• Conduct security awareness training sessions for development teams
• Monitor and respond to security incidents related to application vulnerabilities
• Evaluate and implement security tools and technologies
• Maintain documentation of security processes and procedures
• [What we are looking for]
• Design and implement security controls, authentication mechanisms, and encryption solutions
• Develop and maintain secure coding guidelines and security standards
• Collaborate with development teams to remediate security issues and provide guidance on secure coding practices
• Conduct security awareness training sessions for development teams
• Monitor and respond to security incidents related to application vulnerabilities
• Evaluate and implement security tools and technologies
• Maintain documentation of security processes and procedures
• [What we are looking for]
• Bachelor's degree in Computer Science, Information Security, or related field
• At least 3 years of experience in application security or software development with security focus
• Strong knowledge of secure coding practices and OWASP Top 10 vulnerabilities
• Proficiency in common programming languages (e.g., .Net Core, Java, Python, JavaScript)
• Experience with security testing tools and methodologies
• Understanding of cryptography, authentication, and authorisation protocols
• Knowledge of common security frameworks and standards (ISO 27001, NIST, etc.)
• Security certifications (CISSP, CEH, OSCP, or equivalent)
• Experience with cloud security (AWS, Azure, GCP)
• Knowledge of DevSecOps practices and tools
• Familiarity with containerisation and microservices security
• Strong analytical and problem-solving abilities
• Excellent communication and collaboration skills
• Experience with security incident response

As part of the shortlisting process for this role, you may be required to complete a medical declaration and/or undergo further assessment.

This is a 2-Year Contract. All applicants will be notified on whether they are shortlisted or not within 4 weeks of the closing date of this job posting.