Job Posting for Application Security Engineer at Prometric
Job Title: Application Security Engineer
Reports To: Head of Information Security
Department: Information Security
Location: Remote - Ireland
Hours of Work: 37.5 hours weekly
Job Overview:
As a Prometric Application Security Engineer you will be a member of our growing cybersecurity team with a focus on application security. In this role you will be responsible for executing and driving security posture validation, application penetration testing and the management of vulnerabilities on systems within Prometric’s global network. You will work closely with development teams on the security application security testing (SAST) program. You will also work with development, and infrastructure teams to ensure effective and secure coding practices and deployments. This role will also work with other members of the information security team on vulnerability management and dynamic application security testing (DAST). The ideal candidate will have a strong background in SAST/DAST tools, working knowledge of the MITRE ATT&CK framework and general web development and networking skills. Ideally at least 5 years of relevant application security experience.
Main Duties & Responsibilities:
Provide hands-on support for the triage, delivery, and on-going support for the DAST/SAST program and tools.
Collaborate with development, architecture, engineering, and information security colleagues on application security design and remediation.
Work with teams to ensure vulnerability pipelines are tracked, communicated, and optimized. Additionally work to automate the discovery and fixing of issues by leveraging the security tool stack.
Support the vulnerability management team’s work on assessments and audits of endpoint security configurations to ensure compliance with industry standards and best practices.
Developing and maintaining the application security policies, standards, and procedures.
Analyse/optimize existing threat models and create threat models for core applications.
Provide on-going support for Prometric’s voluntary responsible disclosure program to ensure disclosures are triaged appropriately.
Support incident response activities.
Stay current with emerging threats and application security technologies.
Essential Criteria:
Bachelor’s degree in computer science, Information Security, or related field (or equivalent experience).
3 years of cybersecurity work experience.
Experience with DAST/SAST tools.
Application/product security assurance experience
Experience creating threat models for web application software.
Familiarity with DevOps workflows and pipelines.
Knowledge of continuous integration/continuous deployment (CI/CD) methodologies.
Experience designing, deploying, and maintaining security controls.
Experience with infrastructure vulnerability assessments.
Must have very strong problem solving/troubleshooting skills.
Must be able to pay strong attention to detail while multi-tasking and maintaining organizational skills.
Desirable Criteria:
Technical Certification in Security is not required but is desired.
Time management and strong communication skills
Proven ability to work independently and collaboratively in a fast-paced environment, managing multiple priorities and delivering high-quality results on time.
Employee Benefits:
Pension Scheme
Healthcare Scheme
Life Assurance
Employee Health and Wellbeing Initiatives
Enhanced Annual Leave
24/7 Employee Assistance Programme
Enhanced Maternity/Paternity Leave
Social Club
Free carparking
If your compensation planning software is too rigid to deploy winning incentive strategies, it’s time to find an adaptable solution.
Compensation Planning
Enhance your organization's compensation strategy with salary data sets that HR and team managers can use to pay your staff right.
Surveys & Data Sets
Sign up to receive alerts about other jobs that are on the Application Security Engineer career path.
Click the checkbox next to the jobs that you are interested in.
Sign up to receive alerts about other jobs with skills like those required for the Application Security Engineer.
Click the checkbox next to the jobs that you are interested in.