Role

We are seeking a highly skilled and experienced Security Automation Engineer with a focus on Application Security to join our team. The ideal candidate will be responsible for designing, implementing, and maintaining security automation processes for our applications, services, and infrastructure. They will work closely with the development and security teams to ensure that security is built into every stage of the SDLC, from development to production, with a focus on automation, speed, and agility. The Security Automation Engineer will be responsible for identifying security risks and providing recommendations for mitigation, working closely with stakeholders to ensure that security best practices are being followed, and driving automation of security tasks and processes to reduce manual effort.

What you will be doing

Core Responsibilities

  • Design, implement and maintain security automation processes for applications, services, and infrastructure, with a focus on application security
  • Develop and implement security testing and scanning tools and methodologies to identify vulnerabilities and risks
  • Conduct automated security assessments and provide recommendations for remediation
  • Work with development and security teams to integrate security into the SDLC, including but not limited to code review, static analysis, dynamic analysis, and threat modelling
  • Investigate security incidents and provide support for security investigations
  • Create and maintain security documentation, policies, and procedures
  • Keep up-to-date with emerging security trends and technologies, and continuously improve security processes and practices
  • Communicate with stakeholders, including developers, security analysts, and management, to ensure that security best practices are being followed

Qualifications

  • Bachelor’s or Master’s degree in Computer Science, Information Security or related field
  • In-depth knowledge of security technologies, protocols, and best practices, including OWASP Top 10, SAST, DAST, and IAST
  • Knowledge of scripting languages/frameworks such as JavaScript or Selenium
  • Strong problem-solving skills, with the ability to analyse complex technical problems and provide recommendations for mitigation
  • Excellent communication skills, with the ability to communicate complex technical concepts to non-technical stakeholders
  • CISSP, CSSLP, or other relevant security certifications preferred

Works closely with:

  • Vulnerability Management Managers, Delivery Leads, Application Security teams, DevOps teams

Reports To:

  • Vulnerability Management Engineering Manager

Candidates will ideally show evidence of the above in their CV in order to be considered.

Please be advised that if you haven’t heard from us within 48 hours then unfortunately your application has not been successful on this occasion. We may, however, keep your details on file for any suitable future vacancies and contact you accordingly. Pontoon is an employment consultancy and operates as an equal opportunities employer.
