Security Engineer / Application Security - SAST (SE 01)
Location: Letterkenny – Hybrid 3 days per week in office
Join a global tech leader right here in Donegal. With over 850 employees and a state-of-the-art global delivery centre, we’re proud to offer world-class career opportunities without having to leave the Northwest. Recognised as Workplace of the Year by the Letterkenny Chamber, we foster a culture of continuous learning, innovation, and respect. Our people are at the heart of everything we do – collaborating across teams, geographies, and disciplines to drive real change for clients around the world. Be part of something global, grounded in Donegal.
The Role
Application Security role within the customers Attack Surface Management team. The client, a large US based Financial Services group, is looking to expand its team with experienced security resources that can deliver Application security testing with remediation expertise. Are you happy with development teams to show the vulnerabilities that have been discovered and work with them to remediate these? Able to strategically look for trends and address quickly and securely?
Your responsibilities:
* Operate as an Application Security Evangelist, focused on threats and security measures at the application level, dealing with software architecture and application coding.
* Providing manual code assessment, reviews, and automated application security services as part of a SAST team.
* In depth understanding of application security risks and how to test them.
* Provide targeted, language specific vulnerability guidance to the development community and confidently support customers with remediation advice and best practice recommendations.
* Work across groups to reduce application risks and remediation of vulnerabilities.
* Build trust with multiple stakeholders and establish yourself as key support for driving remediation efforts.
* Analyze vulnerability data to look for trends and be able to create risk-based action plans to address quickly and securely.
* Research latest and emerging security threats and keeping up to date with Industry trends for Application security testing.
* Tuning SAST tools to improve performance and reduce false positives.
* Critically analyze new tools to enhance the security testing process.
Your Profile
Essential skills/knowledge/experience:
* Proven industry experience in Application Security focused on Static Application Security Testing, covering APIs, Web & Native Mobile Applications.
* Completing security assessments of code in multiple languages, especially Java.
* Working knowledge of micro-service architecture and how to test for security vulnerabilities.
* Proficient in utilizing the CVSS (Common Vulnerability Scoring System) calculator to accurately assess and prioritize risks based on severity and potential impact.
* Excellent communication and interpersonal skills, with the ability to clearly articulate vulnerabilities, risks, and remediation strategies to diverse stakeholders, including both technical and non-technical audiences.
* Proactive self-starter who can work well within diverse teams.
* Hands on experience recommending and implementing vulnerability remediation.
* In depth understanding of application-level security risks and how to test for them, confident with finding, testing and remediation of latest OWASP Top 10s and SANS Top 25 vulnerabilities.
* Certified Static Application Security Testing knowledge.
* Familiar working across multiple technologies such as Checkmarx, SonarQube, Jira & ServiceNow.
* Ability to deliver several key pieces of work at pace, whilst maintaining high standards and experienced in managing and coordinating tasks across multiple programs.
Desirable skills/knowledge/experience:
* Development experience.
* Application Penetration testing experience.
* Experience with CI/CD pipelines and familiar with technology such as Jenkins, Harness, Bitbucket, Artifactory.
* Experience with the New Ways of Working (NWOW) framework and Agile methodologies, effectively adapting to dynamic project environments and promoting continuous improvement.
* Project Management experience would be beneficial.
* Experience working within the financial services industry.
Rewards & Benefits
TCS is consistently voted a Top Employer in the UK and globally. Our competitive salary packages feature pension, health care, life assurance, laptop and access to extensive training resources and discounts within the larger Tata network.
We offer health & wellness initiatives and sports events; we are the proud sponsor of the London Marathon and partner with our local communities in Ireland.
Diversity, Inclusion and Wellbeing
Tata Consultancy Services UK&I is committed to meeting the accessibility needs of all individuals in accordance with the Ireland Employment Equality Acts 1998-2011 (as amended) and the Equal Status Acts 2000-2012 (as amended). We welcome and embrace diversity in race, nationality, ethnicity, disability, neurodiversity, gender identity, age, physical ability, gender reassignment, sexual orientation. We are a disability inclusive employer and encourage disabled people to apply for this role.
Beware of Fraudulent offers
This is to notify you that TCS does not ask for any sort of payment or security deposit from candidates at any stage of the recruitment process. The firm never sends out job offers from free internet email services like Gmail, Yahoo Mail, and so on. TCS has not authorised any third-party company to collect money on their behalf. As a vigilant job seeker, beware of fraudulent recruitment activity and protect your interests! You can write to UKI.recruitment@tcs.com to report any fraudulent activity.
Due to the high volume of applications, we will be unable to contact each applicant individually on the status of their application. If you have not received a direct response within 30 days, then it should be deemed unsuccessful on this occasion.
Join us and do more of what matters. Apply online now.
#J-18808-Ljbffr