Application Security Engineer

Posted 10 January 2025
Salary Market related
LocationCork
Discipline Software EngineeringCybersecurity
Reference9869
ContactEugene Gibbons

Job description

Stelfox is partnering with a SaaS Product provider who deploy their B2B solutions across an international portfolio of financial services & Insurance organisation.

This is a start up / scale up environment with a platform built on Nodejs/Typescript, React UI and running fully on AWS services. The product integrates via REST API to ccustomer's core backend systems so they can white label and use client's core solution(s).

We are looking to add an Application Security Engineer to the team, in order to help safeguard applications and protect data from cyber threats. Ideally you will have a background in software development, network/cloud security, and risk management.

Some of the tasks include:

  • Work closely with software development teams to integrate security into the SDLC,
  • Conduct security assessments and provide guidance on secure coding practices.
  • Develop & implement security policies and procedures 
  • Perform penetration testing & vulnerability scanning.
  • Stay up to date with the latest trends and threats.
  • Work with third-party vendors to ensure security compliance.
  • Conduct threat modelling and risk analysis.

Preferred experience & qualifications:

  • Bachelor's degree in Computer Science, Information Security or a related field.
  • 3-5 years experience in application security with a particular focus on security engineering.
  • Experience with DevSecOps tools & practices
  • Knowledge of network security & protocols.
  • Strong understanding of security principles.
  • Experience with security tools, like some of the following - Burp Suite, OWASP ZAP, and Nessus, Falco, Trivy, Wireshark, Kali Linux.
  • Proficiency in programming languages / scripting such as Python, Typescript, Nodejs or others.
  • Familiarity with containerisation technologies (Docker, Kubernetes).
  • Familiar with cloud security (AWS, Azure, GCP).
  • Experience with incident response and forensic analysis.
  • Understanding of regulatory requirement is an advantage (GDPR, PCI-DSS etc).
  • Certifications such as CISSP, CEH or OSCP are a big plus.

Note:

  • This role is open to Hybrid or remote working (1-2 visits to office per month), so we are open to considering applications from candidates from across the Republic of Ireland.
  • Feel free to apply if you would like to be considered with immediate effect.

Please note:

We have a number of similar positions currently, and in the future, which we would like to discuss with you should you indicate your interest in this role. When we receive your application for this role, we will contact you to advise you of our process for other similar positions.

Stelfox is fully compliant with GDPR regulations and you can read more in our privacy policy here: https://www.stelfox.com/privacy-policy-gdpr/

Your shared data will not be disclosed or transferred to a third party data controller or data processor located outside the EEA unless we have obtained your express consent.

We look forward to working with you.