Application Security Engineer (Hiring Immediately)

Company Description

Shawbrook provides finance to a wide range of customer segments that value the premium experience, flexibility and certainly we deliver. We are a purpose-led organisation, with a focus on delivering long-term sustainable value for all our stakeholders.

We have a diversified offering, with our innovative lending propositions tailored to meet specific customer needs in carefully selected markets across SME, Real Estate and Personal. Our products range from complex structured credit facilities for growth-focused businesses to mortgages for professional landlords and property investors, as well as simple loans for consumers delivered digitally. We fuel our lending through customer deposits, which we attract by delivering a premium experience, choice and consistently great value to smart savers.

The business model we have created is unique and difficult to replicate, with our ‘best of both’ approach combining deep human expertise with advanced digital, tech and data capabilities. This combination not only allows us to deliver excellent customer experiences, but to do so efficiently and at scale. We are proud of our innovative and agile culture, which drives consistently high employee engagement scores and makes Shawbrook an attractive destination for the best talent. If you’re willing to roll up your sleeves, contribute new ideas and believe anything is possible, you’re our kind of person.

Work with us because you:

• Want to be part of a bank built for the dynamics of the modern world
• Relish a challenge and enjoy a fast-paced, innovative and hardworking culture
• Enjoy finding new and better ways to solve complexity and make things happen
• Want to belong to a diverse culture that stands shoulder to shoulder with minority and underrepresented groups
• Care about society and the environment and want to be part of a business that cares too
• Want to continue to grow professionally and be the best version of yourself

Job Description

In this role, you'll play a pivotal part in ensuring the security and integrity of our software applications. You will be key in defending our digital assets against the ever-evolving landscape of cyber threats by staying up-to-date with the latest security technologies and best practices.

The complex technical environment at Shawbrook will give you endless opportunities to learn and develop your skills, gaining exposure to a wide range of systems and software and taking ownership of more complex projects as you progress.

Key Responsibilities

• Conduct thorough code reviews, enhancing security and compliance.
• Perform advanced penetration testing and vulnerability assessments.
• Utilize Qualys and other patch management tools for up-to-date security.
• Deploy Veracode and similar tools to remediate code security issues.
• Collaborate with DevSecOps teams to automate security in the CI/CD pipeline.
• Harness Azure and cloud security practices for secure cloud applications.
• Apply OWASP's Top Ten knowledge to enhance web app security.
• Stay updated on AI/ML for security threat prevention.
• Secure containerized apps with Docker and Kubernetes.
• Secure APIs using modern security mechanisms and protocols.

Qualifications

• Web Application Security Experience- You will use OWASP's Top Ten vulnerabilities and other web app security tools to assess and enhance the security of web applications.
• Code Review- You will be conducting in depth code reviews to identify and rectify vulnerabilities, coding best practices, and compliance with security standards.
• Experience with Scanning Tools- You will use Veracode or similar scanning tools to detect and remediate security issues in application code.
• DevSecOps and CI/CD Experience- You will collaborate with DevSecOps teams to seamlessly integrate security into the Continuous Integration/Continuous Deployment (CI/CD) pipeline, promoting automation and security as code.
• Cloud Security Experience- You will use cloud platforms, such as Azure & AWS, and the latest cloud security practices to ensure the security of cloud-based applications and infrastructure.

Additional Information

Your Wellbeing - We take your health and well-being very seriously by providing a range of benefits to give you and your family peace of mind. These include:

• Market leading family friendly policies such as access to our Maternity, Adoption and Paternity policies from Day 1 of your employment
• Free access to Headspace, a mindfulness & meditation digital health app
• Free access to Peppy digital health app that offers personalised support through fertility treatment becoming a parent or menopause
• EAP (Employee Assistance Programme) - Offering you support on a wide range of subjects including financial concerns, mental wellbeing and more general queries around family, work, housing and health
• Cycle to work scheme
• Discounts on gym membership
• Contributory pension scheme & death in service

Your Lifestyle - It’s important you strike the right balance between your work and personal life. We provide benefits to support you when at work and when you’re enjoying your leisure time.

• Minimum of 27 days holiday per year
• Option to buy or sell holiday days through our flexi-holiday scheme
• Discounts on gym membership nationwide
• Access to discounts on a range of high street and online brands
• Community support and charitable giving

Your Contribution - We’re focused on rewarding those that go the extra mile in helping us achieve our goals.

• Participation in our annual discretionary bonus scheme designed to reward your contribution to our success
• Proudly Shawbrook recognition scheme focused on recognising our role models and thanking our colleagues for a job well done