Application Security Engineer

Details of the offer

About us We are Protecht - a fast growth Governance, Risk & Compliance (GRC) SaaS business. We provide world-class enterprise risk management, compliance, training, and advisory services to over 350 customers across various industry sectors through our offices across APAC, USA & Europe.
Our cloud-based SaaS platform – Protecht.ERM is what makes us really stand out. It's one of the most comprehensive, flexible, and dynamic risk management solutions available today.

The Culture and Benefits you don't want to miss! At Protecht, you will be part of a growing and high performing technology team. A positive and super friendly culture awaits you, where learning is valued and supported. We empower our people through leadership, training, knowledge-sharing, and mentorship. Here are some of the perks of working with Protecht:
A modern TechStack and great opportunity to work within a dynamic teamA highly flexible culture – our way of working lets people work across home and our officesA strong commitment to your learning and development - fortnightly dedicated L&D afternoonsReward & Recognition programsA strong focus on work / life balance with access to Birthday leave, bonus days, paid parental leave and long service leaveMonthly social eventsCompetitive remuneration and Annual Performance BonusNovated car leasingWellbeing supportGenerous Employee Referral program Let's talk about your new role! As our Application Security Engineer, you will help ensure that every step of the software development lifecycle follows security best practices in supporting and developing our SaaS product – Protecht.ERM (Enterprise Risk Management). Located in our central Sydney office and reporting to the Head of Cyber Security, you will be working in a fun and exciting security team that strives to implement best security practices for development, testing and agile project delivery.

Key responsibilities Review application code for security vulnerabilities and best practices.Help Protecht developers deliver high quality and security hardened code based on OWASP and Protecht secure coding standards.Assess application vulnerabilities and provide clear paths for developers to mitigate the vulnerabilities.Create and maintain a single view of application security tasks from different sources, analyse and prioritise the tasks with different dev teams.Drive and upskill Protecht developers to maintain a security aware culture.Own and enforce secure development policies amongst the Protecht development teams.Create and maintain documentation to support the development of secure software.Run automated security testing tools (SAST, DAST) to detect vulnerabilities.Build and integrate automated security tools into CI/CD pipelines for continuous security testing.Work closely with Protecht developers and platform teams to integrate security throughout the Software Development Life Cycle (SDLC).Ensure security requirements are incorporated into the design phase and architecture reviews.Perform threat modelling with the Protecht development teams to identify and prioritize potential security risks during the design phase.Monitor the evolving threat landscape and proactively conduct security research to identify common application threats and attack vectors to then develop mitigating solutions and minimise risk.Collaborate with external stakeholders for the scoping, managing, validating and remediating of vulnerability assessment and penetration tests.Participate in audits and reviews to validate the security of applications (ISO27001, SOC2, IRAP).Ensure applications comply with relevant security standards and regulations (e.g., OWASP, GDPR).Collaborate in an agile environment with cyber security, development and platform teams.Contribute to various security projects and assist the Head of Cyber Security in delivering the cyber security roadmap. Skills / Experience you need for success… This role suits you if you have:
Passion for application security.Relevant tertiary qualification such as a degree in computer science or information systems.2 or more years proven commercial experience in security, preferably in application security or software engineering role.Experience with architecture and security reviews, threat modelling applications.Strong understanding of secure software development fundamentals.The ability to identify security issues through secure code review.Commercial experience Java and/or React development.Experience with REST APIs.Experience with common information security frameworks, standards, principles, and processes (OWASP, SANS, NIST, ISO, etc.).Understanding and experience with common security libraries, security controls, and common security vulnerabilities. Desirable attributes Experience with cloud infrastructure environments (AWS) and containerized environments (Docker, Kubernetes).Understanding of identity providers (SAML, SCIM).Experience with SAST/DAST tools.Experience using JIRA and Confluence.Understanding of risk management.Exposure to penetration testing for web applications.Security / Application Security Certifications (CISSP, CEH, OSCP, CREST). Next steps With a swift screening and interview process in place, we are happy to invite you to apply. If you think this may be your next opportunity and you want to be part of a Great Place to Work – Certified organization, Apply online today! Visit our website https://www.protechtgroup.com/ to find out a little more about working with us.

#J-18808-Ljbffr


Nominal Salary: To be agreed

Source: Jobleads

Requirements

Data Quality Specialist Lead

TAFE NSW Life-Changing Careers Data Quality Specialist Lead Location negotiable (subject to campus availability) 2x temporary full time until November 2025 B...


From Tafe Nsw - New South Wales

Published 13 days ago

Business Analyst - Non-Financial Risk

Business/Systems Analysts (Information & Communication Technology) Are you passionate about driving meaningful change and delivering impactful solutions? A l...


From Morgan Mckinley - New South Wales

Published 13 days ago

Applications Specialist

At Varian, a Siemens Healthineers Company, we bring together the world's best talent to realize our vision of a world without fear of cancer. Together, we wo...


From 0460 Vms Australasia Pty Ltd. - New South Wales

Published 13 days ago

Security Operations Engineer

Salary: $900 to $1000 per day including super Location: Sydney CBD office Work Arrangement: Hybrid WFH 2 days a week Contract Duration: 6 to 12 month cont...


From Https:/Www.Energyjobline.Com/Sitemap.Xml - New South Wales

Published 13 days ago

Built at: 2024-11-06T07:29:04.596Z