We’re looking for a self-motivated SENIOR SECURITY ENGINEER – UK. Someone who has a DevOps and Cloud approach, to help drive the Product Security Architecture & Research function(s) for Anaplan development services.
Open to considering candidates remotely, with some travel expected to London.
This opportunity is responsible for working with the other Engineers, Architects and Security teams across Anaplan, collectively providing mentorship and strategies that improve the security posture for our employees and data. You will be working with business customers, Engineering management, infrastructure, development, project managers and other security teams to craft the vision, structure, standards and plan for solutions that support Anaplan’s strategic business direction.
What you'll be doing:
- Conceive of and collaborate on novel ideas to identify risks at scale and building tools and scripts
- Rapidly prototype to assess efficiency of project ideas.
- Stay on top of ground breaking Application Security standard methodologies, and tools, assessing their utility at Anaplan.
- Understand new technologies and their strengths/weaknesses in the context of AppSec tooling.
- We perform operational security reviews of feature implementations
- Perform regular secure coding & secure design workshops for developers
- Perform risk assessments of new and emerging threat types
- Collaborate with QA teams by implementing automated security unit and functional tests
More about you:
- A genuine passion for security; a respect for the development process; and a firm desire to help improve our products. We push for modern best practices in software development and deployment, using Agile development principals
- Prior experience in building pragmatic and effective security testing techniques/tools is a huge plus.
- Experience in threat modelling web applications and microservices.
- You'll have an understanding of Modern Auth (SAML 2.0, OAuth) and and SSL certificate management, PKI, CA and their use.
- Experience in containers and their hardening/security
- Have a clear understanding of security concepts e.g., Authentication, Authorization.
- Deep knowledge of application security vulnerabilities (OWASP Top 10) and mitigation techniques.
- We bring knowledge of emerging threats, mitigations and industry trends.
- Experience with SAST, DAST tools and prior experience of AWS, GCP services and architectures
- Thrive in an environment that deeply values collaboration, feedback and learning, believe that quality is something we all take ownership of and write high-quality, testable code.
- Experience using TDD more importantly, you want to make use of that experience.
What we offer:
- A rewarding, progressive career with a company that values diversity and understands the need for a good work/life balance.
- Market-leading salaries combined with generous bonuses and a comprehensive range of benefits.
- Flexible working and plenty of parties and events.
- 25 days holiday plus three days of paid leave every year to help support the charity or cause of your choice.
- Huge problems to solve – you will constantly be learning and pushing boundaries, while working with some of the smartest people around!