Application Security Engineer

At Evri we understand that searching for your first job, your next job, or that big promotion is a huge milestone. Here at Evri we always think about what it's like to be in your position when making those big decisions. It takes courage to make change happen in your life, and we're here to help you with that.

We're here for the first step, the next step, and the big step.

You're not just a number to us. You've got to know you'll love working here. It's as important to us as you ‘being the right fit'. We want to help you feel what it's like to work at Evri, to see the value you can bring to any of our roles, and how we can help you grow. We're never one-size-fits-all. Our careers are as unique as you are.

We are looking for an Application Security Engineer to own and develop the Evri security strategy, architecture and practices. The Security Engineer role will be required to own the process to ensure new solutions meet security standards and align to the strategy.

Evri is leading the way in creating responsible delivery experiences for everyone, everywhere, and that's how we approach our talent development. We're a kind, ambitious and diverse team, always supporting and encouraging each other. Our people are extremely important to our business, without them we wouldn't be where we are today, striving to do the best for our customers and clients. If you like what you hear, then we'd love you to apply!

You will be accountable for:

• Contributing to the Cyber Security maturity improvement roadmap to improve the security landscape
• Participate in the implementation of the secure Software Development Life Cycle across all internally developed applications at Evri
• Collaborate with the Test teams in developing manual and automated security testing of Evri applications
• Identify risks and areas of exposure in applications developed by Evri
• Partner with various development teams and business units to resolve vulnerabilities.
• Integrate security tools into development teams CI/CD process.
• Educate developers on secure coding techniques and security best practices.
• Participate in development of security policies, standards, and processes.
• Read and understand security test reports. Provide advice in remediating vulnerabilities and following up with the risk mitigation
• Monitor industry trends and threat landscape and recommend necessary controls or countermeasures.
• Build and maintain internal tools to streamline software development process to enhance productivity
• Support the vulnerability scanning processes at Evri.
• Work with Engineering, Architecture, and IT teams to meet (SLAs) and business metrics.

To be successful in this role you will require the following…

• 3+ years' experience in Cyber Security or within Engineering in a Security Capacity.
• Conceptual understanding of software development principles and SDLC models.
• Ability to define application security requirements and support the built of secure application solutions.
• Knowledge of encryption technologies, secure communications, and secure credentials management.
• •Experienced in using C#, .NET, or a similar programming language.
• Previous experience with common SAST/DAST tools
• Advanced knowledge of common application vulnerabilities and respective mitigations, (e.g.: XSS, CSRF, SQL injection, cookie/header/encoding manipulation, input/output validation, session replay).
• General knowledge of security industry standards (NIST, PCI, ISO), best practices (ITIL), regulations (DPA), news, and other relevant Cyber Security information.
• To be able to interpret business, technology and threat drivers, and develop practical security roadmaps to deal with these drivers
• Supports projects for security service and technology deployments and coordinate with teams across the organization
• Ability to multi-task and manage priorities in a fast-paced environment.
• Ability to collaborate in a team and work independently.
• Ability to communicate with technical and non-technical audiences at various levels
• Ensure the security strategy and artefacts are kept current with emerging threats

Why Work Here?

We're constantly looking at ways to become a more inclusive and diverse employer, and our benefits package is important to us. Here's some of what we currently offer:

• Flexible working; work from home, or in the office – whatever suits you. You can also choose your working pattern – if you'd like to work full-time, or part-time, just let us know!
• 26 days + bank holidays, as well as an option to buy and sell up to 5 days holidays.
• Bonus Scheme; an annual bonus that can earn up to 15% if you really push the boundaries
• Career progression framework; map out your next steps in your career
• Pension; 3% employer contribution on top of what you choose to commit yourself
• A range of discounts from our clients
• We also have a range of flexible benefits such as additional life assurance, critical life insurances and others to choose from

In addition to this, Evri have recently launched a fantastic new benefit which allows employees to request to work from anywhere in the world for up to 90 days.

At Evri, we know we only grow if our people do too. That's why we're committed to building a truly inclusive and diverse workplace where everyone can bring – and be – their whole authentic selves.

We're on a journey to better represent the customers we serve around the UK. We're committed to removing barriers and ensure that each person at Evri is valued for who they are, and what they bring to our business.

We are Evri. Where everyone is welcome.

We're excited for the future. Let's deliver it together.

ADZN1_UKTJ