Application Security Manager - Greater London, United Kingdom - RX Global

    RX Global
    RX Global Greater London, United Kingdom

    2 weeks ago


    Job Description

    Application Security Leader

    Do you have impressive experience as a Security Engineer?

    Are you able to make strategic decisions based on advances in technology?

    About our Team

    RX is in the business of building businesses for individuals, communities and organisations. We elevate the power of face-to-face events by combining data and digital products to help customers learn about markets, source products and complete transactions at over 400 events in 22 countries across 43 industry sectors. RX is passionate about making a positive impact on society and is fully committed to creating an inclusive work environment for all our people. RX is part of RELX, a global provider of information-based analytics and decision tools for professional and business customers.

    About the Role

    We are looking for an experienced Application Security Leader to lead the Application Security discipline across RX Global. The Application Security Leader will play a critical role in ensuring that all applications are developed, deployed, and maintained with security as a top priority, helping to protect sensitive data, mitigate risks, and maintain the trust of customers and stakeholders.

    Responsibilities

    • Conducting assessments of applications (web, cloud, mobile, API) using a range of manual and automated source code review techniques
    • (PASTA and STRIDE)
    • Working with development teams to analyse, evaluate and enhance the effectiveness of their application/product security posture at all levels
    • Owning and administering security tooling such as SonarQube, Acunetix, Dtrack, and others
    • Collaborating with respective peer groups to safeguard company information assets against current and foreseen threats
    • Implementing security programs: managing and executing project deliverables
    • Collaborating with agile development teams to shift-left application security, embedding security tooling (static analysis, SCA, and container scanning) into their CI/CD pipelines and IDEs

    Requirements

    • Display understanding of the Software Development Life Cycle, REST and GraphQL APIs
    • Display experience in security architecture reviews and risk assessments for applications in design and production phases
    • Demonstrate experience overseeing application security testing, prioritising the resolution of security vulnerabilities, and increasing automation
    • Show experience identifying potential threats and attacks to application systems through threat modelling (PASTA and STRIDE)
    • Demonstrate experience with threat modelling theories and application architecture reviews
    • Have experience of monitoring security systems for threats