Lead Application Security Engineer
Featurespace are building an exciting new Application Security team from the ground up, to sit within the Engineering function of our business, based in our head office in Cambridge.
In your role as Lead Application Security Engineer you will be joining Featurespace as the first member of the Application Security Team, and will be integral in working with Engineering Management to establish, grow, and manage the team. You and your team will be responsible for driving application security best practice across the engineering teams developing ARIC, our real-time platform for monitoring and preventing fraud and financial crime.
Day to Day
- Championing application security best practices through the full software lifecycle across Featurespace Engineering
- Working with development teams to build security into all steps of application development from specification and design through to build, test and deployment
- Own the design of security critical aspects of ARIC’s architecture such as authentication, authorization, data protection and encryption
- Collaborating with the Engineering Technical Communication team to educate engineers on common security threats (e.g. OWASP top 10), tooling and methodologies
- Work closely with Release Engineering to adopt and automate security tooling as an integral part of our Continuous Integration process
- Manage the engineering process around triaging, evaluating and responding to incoming security issues and questions. This often includes CVEs, customer security reports and penetration testing results
- Leading the response to active application security incidents affecting the ARIC product, both internal and raised by customers
- Collaborating with Featurespace IT and Corporate Security teams
- Keep up to date with emerging security trends, threats and practices
- Management and lead responsibilities surrounding the Application Security team