About The Role
At Holland & Barrett, cybersecurity is at the heart of our digital transformation. As we continue to grow and innovate, securing our applications and protecting customer data is a top priority. We are looking for a Senior Application Security Engineer to lead our efforts in strengthening application security, mitigating risks, and ensuring best-in-class security practices. If you are passionate about cybersecurity and eager to make a real impact, we want you on our team!
Key Responsibilities
* Security Strategy: Help define and execute the Holland & Barrett application security strategy. Collaborate with both tech and non-tech teams to integrate security principles into the early stages of product design and development.
* Secure SDLC: Establish a secure Software Development Lifecycle (SDLC) that enables development teams to deliver high-quality applications quickly while implementing essential controls for software integrity, authenticity, and third-party library management.
* Risk Assessments: Conduct risk assessments, threat modeling, and architecture reviews alongside development teams, producing artifacts to drive the implementation of effective security controls.
* Standards Development: Own the creation and maintenance of tailored security standards and guidelines, developing reusable resources for various development teams.
* Team Support: Provide guidance and support to development teams on secure software production practices and flaw mitigation strategies.
Essential Key Requirements:
* 5+ years of experience in application security, with at least 3+ years in software development.
* Strong understanding of application security concepts, including secure coding practices, threat modeling, vulnerability management, and access control mechanisms.
* Experience with AWS, Kubernetes, Service Mesh, and API Security (including authentication and authorization).
* Proficiency in programming languages such as Python, Java, JavaScript, GoLang, and Rust.
* Familiarity with Agile methodologies like SCRUM, along with proven project management skills to oversee multiple security projects simultaneously.
Desired:
* Independent, proactive, and detail-oriented, with a commitment to maintaining high security standards.
* Strong communication and interpersonal skills, facilitating effective collaboration with both technical and non-technical teams.
What We Offer:
* Pension company contribution = 3%
* Incentive scheme up to 10% of annual salary, based on company performance.
* Your wellbeing is paramount so you can get away and take 33 Days Holiday per year.
* Private Medical Care (Self after 1 year)
* Learning and Development opportunity with Holland & Barrett is a great base for career development long term.
* Career progression.
* Refer and Earn Scheme - as we're growing you can earn money by referring people to join us from your network.
* Epic Extras gives you access to exclusive benefits, free advice and savings from a range of retailers and providers.
* Stay healthy with Discounted Products - from day one you'll get a 25% discount (on top of other promotions) when you shop at H&B on anything that you buy.
* We all need a little help sometimes, so we offer Free 24/7 Confidential Advice & Colleague Welfare.
* Mental Health First Aiders - we have lots of qualified Mental Health First Aiders because it's all about your health & wellbeing.
* Stay active in the Onsite Gym at our Nuneaton Hub!
* We have colleague Reward and Recognition Schemes, so your hard work and loyalty won't go unnoticed.
* And many more!
We're passionate about helping every colleague thrive across all dimensions of wellbeing, and we're committed to having a diverse and inclusive workplace. In line with our EPIC values (Expertise, Pioneering, Inclusive, Caring), we embrace and actively celebrate all our colleagues' unique and varying experiences, backgrounds, identities and cultures - I am me, we are H&B.
Holland & Barrett does not accept unsolicited resumes from search firms/recruiters. Please do not forward resumes to our job alias, employees, or any other company location. Holland & Barrett is not and will not be responsible for any fees if a candidate is submitted by a search firm/recruiter, unless otherwise agreed with respect to specific open position(s).
Seniority level
* Mid-Senior level
Employment type
* Full-time
Job function
* Information Technology
Industries
* Computer and Network Security