LearnUpon is looking for a Senior Application Security Engineer to join our team in Dublin.
LearnUpon LMS helps organizations train their employees, partners, and customers.
Businesses can manage, track, and achieve their unique learning goals — all through a single, powerful solution.
With offices in Dublin (our HQ), Philadelphia, Utah, Belgrade, and Sydney, we are a team that puts our customers at the heart of everything we do.
We always act like an owner, lead with curiosity and strive to deliver quality on everything that we do.
Our offices are open, collaborative environments where our team and individual accomplishments are celebrated and encouraged.
Join LearnUpon, where we work together as a friendly, supportive team who, most importantly, like to have fun.
What Will I Be Doing?Overseeing the delivery and improvement of our internal penetration testing programWork closely with teams to identify vulnerabilities and risks in our application and supporting environmentsResearching, implementing and maturing tools to continuously improve and automate our application security postureAct as a security consultant to Engineering, advising on application security best practice and inputting on the development of application security improvements and remediationManage the security elements in our SDLC processOversee the design and delivery of targeted security awareness trainingWorking with Engineering teams so that security requirements are incorporated into the design of new application featuresMentor junior members of the team to ensure a minimum baseline of expertise in the teamAct as a security champion and support other teams in the delivery of strong security practicesWhat Skills Do I Need?5+ years of professional experience penetration testing, or a similar web application security roleExcellent knowledge of current / popular web application vulnerability / attack vectors including, but not limited to, OWASP Top 10In-depth experience of using proxy tools to intercept, manipulate and replay HTTP requestsA strong understanding of common web application architecture (including XHR requests, CORS, CDNs)Experience in security test automationThe ability to articulate technical risk to a non-technical audienceExcellent written and verbal communication skillsExperience in developer security awareness trainingStrong stakeholder managementDon't worry if you don't tick every box in order to apply, we're always happy to review applications and take all experience into consideration.
We do our best to provide feedback where we can! Not required but considered a big plusUnderstanding of cloud security concepts and demonstrable experience working in cloud environments (AWS in particular)Experience working with common application security tools (e.g.
DDoS protection, application security monitoring, web application firewalls, etc.
)A Bachelors Degree in a relevant discipline (e.g.
computer science, engineering)One or more security certifications such as EC Council Certified Ethical Hacker (CEH), OSCP, GWAPTExperience developing and applying security patterns and principles to ensure the secure design of systemsExperience performing secure code reviewsFamiliarity with Ruby on Rails and GoWhy Work With Us?Work in a fun and supportive environment with regular team eventsExcellent career progression - take LearnUpon where you think it can goStructured learning environmentCompetitive salary and company ESOPEmployer contributed pensionPrivate health insurance25 days annual leave + 1 annual company wellness day offWhat is the Hiring Process?Applicants for the position can expect the following hiring process:
Qualified applicants will be invited to schedule a 30-minute callSuccessful candidates will then be invited to a series of practical interviewsFinally, candidates will have a short interview with our C-SuiteSuccessful candidates will be contacted with an offer to join our teamLearnUpon is an Equal Opportunities Employer.
We do not discriminate on the basis of gender, marital status, family status, age disability, sexual orientation, race, religion, membership of the Traveller community, or any other legally protected status.
#J-18808-Ljbffr