This job might no longer be available.
Senior Application Security Engineer, Defence
1 year ago
Our team is responsible for securing the entire software development lifecycle process, looking at the application security of our product and its supporting infrastructure. We also partner with internal development teams to advise and support the deployment, security and operation of our platform with customers and external partners.
To meet our customer needs, our software needs to be available to them. And it’s our work that makes that possible: - from deployment architectures that can exploit the cloud, but run on physical hardware if needed - through security patterns that can comply with the more stringent requirements, but don’t slow developers - to monitoring and operational tools that support managing the platform.
The Security Engineering team is responsible for providing guidance in security best practices, reviewing and implementing solutions to unlock ways of working that are efficient and secure. A fundamental part of our team is to research and share in-depth security knowledge of products, libraries, and services we base our product on, enabling engineering teams to make the correct decisions as they innovate and create the future of simulated worlds for defence.
#LI-SM1
Areas of Impact:
- Assessing and integrating security tools into our Secure SDLC ecosystem, to improve the security of the software we produce.
- Drive the continuous improvement of our software delivery pipeline security, enhancing our CICD processes and workflows in line with security best practices.
- Delivering training and facilitating security focused sessions to our engineering community.
- Designing, implementing and supporting the creation of tools and services to automate day-to-day tasks across the security engineering teams.
- Facilitate engineering teams in writing secure and deployable software, by providing best practice guidance, reviewing code and architecture.
- Supporting the overall business by providing security engineering expertise, by helping define security requirements, and supporting other teams running security investigations.
- Researching tools and libraries used within our tech stack to provide guidance on security best practices.
- Conduct security reviews of the Secure SDLC, including the testing of controls that are implemented, and driving a continuous improvement of the secure SDLC.
We would like to hear from you if you identify with the following:
- You will bring together a range of knowledge and skills within the domains of Application Security and Engineering.
- You will use your team working skills to work with engineers in other teams to understand the security implications of their decisions, whilst reviewing their code, designs and proposals.
- You will help and advise our engineering design to make best use of orchestrating frameworks such as kubernetes, and understanding security implications of executing a micro-services architecture.
- You will lean on your experience securing software workloads executing in cloud environments, by employing best in breed patterns and practices to encourage a “Secure by Default” culture.
- You will bring an understanding and mindset of “thinking like an attacker” to add another perspective to how our software workloads are secured.
- We work internally with GCP, so experience here will be beneficial, but we’re also interested in AWS, Azure and on-premises skills.
- Importantly, you are considerate, humble, and a strong believer in teamwork and motivated by their success.
About Us
Improbable is determined to foster an environment where people can do their best work and feel like they belong. We believe a healthy culture, strong values and contribution from a diverse range of individuals will help us to achieve success.
We do not discriminate based on race, ethnicity, gender, ancestry, national origin, religion, sex, sexual orientation, gender identity, age disability, veteran status, genetic information, marital status or any other legally protected status.
Create Your Profile — Game companies can contact you with their relevant job openings.