Application Security Engineer

We are now looking for an Application Security Engineer to join #teamgreen.
Role Purpose As an Application Security Engineer, you will take on ownership of application security projects with opportunities across various tech stacks; strive to discover gaps and enable secure designs and mitigations. You will also be responsible for automating and scaling out the way application security is conducted across the Matillion. The role is not limited to merely identifying and fixing security vulnerabilities. You will play a key role in proactively identifying potential security risks, developing mitigation strategies, and ensuring that security measures are incorporated right from the beginning of the application development process.

What you will be doing

• Facilitate security assessments, remediations and drive product development forward
• Direct and assist product security guidance and processes
• Define how we establish, grow, and expand our partnerships with the Matillion product engineering organisation
• Contribute to the ramp-up of Trust-by-Design security work as well as security awareness amongst developers
• Conduct Bug Bounty issue evaluation, reproduction, and recommendations
• Help develop and deliver Security Education and Training and shepherd the security champions program
• Plan and perform penetration testing
• Write secure libraries or code patches where appropriate - especially scale secure code practices or prototype examples
• Build and maintain CI/CD secure tooling and support other security tools as well as automate tools and processes
• Test application code with the OWASP Testing Methodology
• Design and implement robust and secure systems
• Take part in Incident Response activities

What we are looking for - Essential

• Experience in threat modelling and secure development lifecycle activities
• Knowledge of product security tools and fine tuning and prioritisation of security issues
• Knowledge of AWS cloud environment and various development tools
• Experienced in deploying security best practices at scale
• Stay on top of advances in application security and translate that knowledge to preventing and finding vulnerabilities in Matillion’s systems and code and, if necessary, write proof-of-concept exploits
• Help teams integrate security throughout the development lifecycle in a non-blocking way
• Familiarity with large scale distributed systems

Personal Capabilities

• Strong team player with effective communication skills in terms of explaining complex security issues to a wide range of audiences
• A collaborative teammate who enjoys working with highly technical development team
• Have experience with security principles and adept at translating value to the organisation
• Prioritise making changes that have a long-term impact, as opposed to focusing on short-term wins
• Align with Matillion’s culture and values and embody that on a day to day basis
• Mindset of enabling our development teams to move fast while staying secure and allowing the company to choose the risks it wants to take
• Know when it’s necessary to act fast, as well as when to step back and look at the bigger picture in a more analytical fashion

At Matillion, we are committed to providing competitive salaries in line with market standards. Our estimated compensation range for this position is £46,000 - £69,000, but the final salary will be based on your relevant skills, experience and qualifications demonstrated in the hiring process.