We are looking for an Application Security Engineer to join our growing Group Security team here at Webjet Limited. This is is a wide-ranging role that covers a set of key responsibilities including managing our third-party risk assessments, project risk assessments, understanding key risks to the business and working with our stakeholders and development teams to put appropriate controls in place to mitigate these risks.

Job Title: Application Security Engineer

Department: IT – Security

Location (primary): London – Hybrid

Key Responsibilities:

• Understand our internal threat landscape and work with relevant teams to mitigate related risks.
• Support and collaborate with development and platform engineering teams in building security into DevOps processes.
• Champion our vulnerability management program to understand key weaknesses to the business and help tune these controls.
• Collaborate with development teams to investigate security alerts raised and track through to remediation.
• Champion our security review process by performing risk assessments for new projects and enhancements to understand key risks and appropriate mitigations to the business.
• Work closely with our key stakeholders to ensure they understand their environment and business processes to identify key risks and provide advice on what appropriate controls could be implemented to reduce our exposure to risk.
• Support the audit function within the team to ensure we are operating to internal and relevant industry standards.

Essential Qualifications & Knowledge:

• Experience with cloud technologies in AWS & Azure. (AWS is essential)
• Understanding of risk management and conducting a technology-specific risk assessment.
• Ability to explain security risks and concepts in layman terms.
• Research and recommend new security technologies to new or existing problems and be able to explain and communicate design decisions.
• Have strong communication skills and be comfortable providing feedback and updates to key stakeholders within the business.
• Enjoy finding solutions to problems and working effectively with others to reach agreement.
• A professional approach to work, integrity, and respect for policies..

Essential Experience, Skills and Behavioural Requirements:

• 2 yrs + experience in a similar role.
• Prior experience with Web Development and Software Engineering with C#, PHP, Golang, Python or other languages.
• Experience with hardening and security of Linux operating system.
• Hands-on technical security/penetration testing for Web applications.
• Experience with security related architecture & code reviews and security assurance activities.
• Knowledge of OWASP top 10 and relevant controls.

Download:  Job Description – Application Security Engineer – London – Hybrid