Role: Contract Application Security Engineer

Location: Fully remote working

Duration: 6 Months

IR35: Umbrella company engagement only

Role Profile:

Spectrum IT's Global Client are a leading eCommerce & retail business who are highly focused on technology and innovation. They are recruiting a Contract Application Security Engineer to support their UK & EU portfolio and play a key role as part of the global engineering team. This is a remote working role and is via Umbrella engagement only (non-PSC).

As the Contract Application Security Engineer you will play a leading role in the functionality of global products with a large focus on application security. You will be a language agnostic, quick to pick up new skills and deliver enjoy creating new solutions to unexpected problems.

Role / Responsibilities

Implementing software application security controls
Analysing system services, spotting issues in code, and discovering security exposures
Developing mitigation plans and designing technical solutions to address security weaknesses
Participating in and supporting application security reviews, including code reviews, third-party integration reviews, and dynamic testing
Supporting product and development teams in the area of application security, providing hands-on remediation guidance and direction
Assisting in development of automated security testing to ensure that secure coding best practices are being used
Building and deploying performant and secure code to production following the coding standards and set KPIs

Skills / Experience

Previous experience in e-commerce, SaaS or similar.
Technical experience in JavaScript/TypeScript and Perl/PHP (knowledge of Java is a plus).
Technical expertise in secure software development.
Strong knowledge of secure design practices and common software vulnerabilities such as OWASP Top 10 and CWE Top 25.
Knowledge of common and emerging security threats