Senior Application Security Engineer

Matillion is The Data Productivity Cloud.
We are on a mission to power the data productivity of our customers and the world, by helping teams get data business ready, faster. Our technology allows customers to load, transform, sync and orchestrate their data. 
We are looking for passionate, high-integrity individuals to help us scale up our growing business. Together, we can make a dent in the universe bigger than ourselves.
With offices in the UK, US and Spain, we are now thrilled to announce the opening of our new office in Hyderabad, India. This marks an exciting milestone in our global expansion, and we are now looking for talented professionals to join us as part of our founding team.
Role Purpose
Matillion is built around small development teams utilising a modern, cloud-based technology stack to deliver products. The AppSec Engineer will work in an engineering capacity to product and engineering teams to ensure security is baked into the product from the design phase creating a SecDevOps workflow.
What you will be doing
DesignEstablish and lead security champions programme across the development squadsBuild functional and nonfunctional requirements for the application in conjunction with the product teamInput abuse case stories into the product backlogEvangelise security across the product team, ensuring security stories are prioritised against feature goalsAssess SDLC security gap risks and propose remedies
ConsultInstruct and guide developers on how to conduct Threat Modelling during application DesignAct as the single point of contact for security concerns arising from the development team providing advice on how to solve technical software issuesLead the pentesting cadence around the core application set by conducting hacking exercisesProvide application code reviews against known development frameworks such as OWASP ASVSProvide input into the design of functional and non-functional security controls such as customer authentication workflowsRun Security Champion sessions to keep developers aware of security developments
EngineerEstablish security into the CICD pipeline such as SAST/IAST/DASTAutomate and build nifty security tools to test Matillion applications Integrate testing, build failures and outputs to the development team to ensure passage to production is secureCreate security tests for code and assist developers in building security unit testing
SupportResponsive support to the development teamsAnalysis of logs to identify issues and provide solutions
InnovationResearch projects, including prototyping, to explore future opportunitiesInvestigate new technologiesOptimise the infrastructure deployment process through use of automation, in-house and open source solutions
Self-Development and GrowthDevelop new skills by working with other members of the teamWork with the Team Lead to identify training goalsLead and partake in technical discussions within the teamActively identify and complete opportunities for self-training and external trainingDrive the team’s process of continual improvement
What we are looking for
Technical / Role Specific 
EssentialA passion and drive to succeed in Application SecurityUnderstanding of Software Development Life Cycle
DesirableSecurity professional at heart borne from a software engineering backgroundExperience of working with the OWASP ASVS frameworkExperience in Agile delivery environmentsGreenfield experience setting up security technologies from scratchOutgoing and able to build relationships with key stakeholders
Personal Capabilities Required, e.g. skills, attitude, strengthsCan do attitude, willing to take on a wide range of security issuesKeeps up to date with security developmentsKeen to engage with the security community on a range of topicsFast learnerMatillion has fostered a culture that is collaborative, fast-paced, ambitious, and transparent, and an environment where people genuinely care about their colleagues and communities. 
Our 6 core values guide how we work together and with our customers and partners. We operate a truly flexible and hybrid working culture that promotes work-life balance, and are proud to be able to offer the following benefits:
- Company Equity - 27 days paid time off- 12 days of Company Holiday- 5 days paid volunteering leave- Group Mediclaim (GMC)- Enhanced parental leave policies- MacBook Pro- Access to various tools to aid your career development
More about MatillionThousands of enterprises including Cisco, DocuSign, Slack, and TUI trust Matillion technology to load, transform, sync, and orchestrate their data for a wide range of use cases from insights and operational analytics, to data science, machine learning, and AI. 
With over $300M raised from top Silicon Valley investors, we are on a mission to power the data productivity of our customers and the world.
We are passionate about doing things in a smart, considerate way. We’re honoured to be named a great place to work for several years running by multiple industry research firms. 
We are dual headquartered in Manchester, UK and Denver, Colorado.
We are keen to hear from prospective Matillioners, so even if you don’t feel you match all the criteria please apply and a member of our Talent Acquisition team will be in touch. Alternatively, if you are interested in Matillion but don't see a suitable role, please email talent@matillion.com.
Matillion is an equal opportunity employer. We celebrate diversity and we are committed to creating an inclusive environment for all of our team. Matillion prohibits discrimination and harassment of any type. Matillion does not discriminate on the basis of race, colour, religion, age, sex, national origin, disability status, genetics, sexual orientation, gender identity or expression, or any other characteristic protected by law.