Application Security Specialist

Summary

Application Security Specialist by [Employer hidden — view at passion-project.co.uk]. The role involves implementing secure development practices, conducting threat modeling, performing SAST/DAST, integrating security into CI/CD, conducting security assessments, and providing training. Requires experience in application security and knowledge of secure coding practices. The role offers remote and hybrid options and is based in the United Kingdom.

Key Responsibilities/Duties

• Implementing secure development practices and conducting threat modeling for software applications
• Performing static and dynamic application security testing (SAST/DAST) to identify vulnerabilities in code
• Collaborating with DevOps and development teams to integrate security into the CI/CD pipeline
• Conducting regular application security assessments, including penetration testing and vulnerability scanning
• Providing guidance and training to development teams on secure coding practices and security tools

Core Requirements/Qualifications/Skills

• Proven experience as an Application Security Specialist or in a similar application security role
• Strong knowledge of secure coding practices, common vulnerabilities (e.g., OWASP Top 10), and application security testing tools
• Experience with SAST, DAST, and security code review tools (e.g., Fortify, Veracode, Checkmarx)
• Familiarity with secure software development frameworks (e.g., OWASP, NIST)
• Relevant certifications such as CSSLP, CEH, or CISSP are highly desirable