Role Summary:
The Application Security Engineer is part of the team responsible for monitoring and maintaining the security posture of Daon’s SaaS platforms. You will be responsible for ensuring that our software and services are designed and implemented securely. You will contribute to building, testing, and deploying tools to validate and enhance the security of Daon’s platforms.
We are looking for:
Technical Knowledge:
- Experience in applying OWASP tools and techniques in the context of cloud hosted services including hands-on experience in performing vulnerability scanning and penetration testing
- Software development experience primarily in Java
- Experience with web application security and the use of technologies such as load balancers and reverse proxies
- A thorough understanding of network topologies and design regarding security best practices such as defence in depth and least privilege
- Comfortable using the Linux/UNIX command line interface
- Basic scripting abilities in Bash (Mandatory) and Python (Desirable)
- Experience of AWS and its various services (EC2, RDS, VPC, EKS, S3, Route53, KMS and IAM etc) from the perspective of security testing, audit and compliance
- A deep understanding of common network protocols and services (TLS, DNS, HTTP, SSH, SMTP)
- Familiarity in SCM usage (Git preferred)
- Experience in liaising with external penetration testing and vulnerability assessment providers.
Education & Experience:
- BS in Computer Science or equivalent experience
- Ability to work on multiple projects concurrently
- Capable of finding vulnerabilities and recommending solutions
- Strong knowledge of Web application security
- Web Application Penetration testing expertise
- Experience with security in DevOps environments
- Strong knowledge of cryptography and implementation techniques
- Strong coding experience in at least one programming or scripting language
Person Specification:
- Ability to adapt and work multiple issues simultaneously
- Must have a proven track record of achievements
- Strong analytical and problem-solving skills
- Excellent interpersonal skills with strong ability to work collaboratively as part of a team
- Ability to work independently without daily supervision and be autonomous
- Exercises sound judgment and decision making
- Excellent verbal and written communication skills
- Proven ability to work in a busy environment where multi-tasking may be required
- Driven, self-motivated and a quick learner
- Ability to meet deadlines and achieve goals
- Ability to lift objects weighing up to 50lbs
- Ability to maintain high levels of confidentiality
- Works well under pressure
- Be reliable, responsive, timely and courteous.
Selection Process:
- Qualified applicants will be invited to schedule a 30-minute introductory call with our HR Business Partner
- Candidates selected for 2nd round interview will then be invited to a series of practical interviews with members of the technical or functional team
- Successful candidates will be selected and contacted with an offer to join our team
Deadline for applications: 15.12.2021.