Senior Application Security Engineer

Company Description

Experian is a global data and technology company, powering opportunities for people and businesses around the world. We help to redefine lending practices, uncover and prevent fraud, simplify healthcare, create marketing solutions, and gain deeper insights into the automotive market, all using our unique combination of data, analytics and software. We also assist millions of people to realize their financial goals and help them save time and money.

We invest in people and new advanced technologies to unlock the power of data. As a FTSE 100 Index company listed on the London Stock Exchange (EXPN), we have a team of 22,500 people across 32 countries. Our corporate headquarters are in Dublin, Ireland. Learn more at

Job Description

Experian, Global Security Office are looking for an experienced Senior Application Security Engineer to enhance our application security processes with emphasis on business engagement.

You will be responsible for static, SCA, and dynamic scanning, collaborating with software engineers, provide flaw mitigation recommendations, and implementing automated security controls throughout the development lifecycle and CI/CD pipelines. Ensure the Software Security Policy and Baseline requirements are met for new Agile deliveries and for legacy estate with flaws and issues managed throughout all stages of an applications' life.

This is a remote UK-based position reporting to the Manager of Application Security

Main Responsibilities

• Collaborate with software engineers and leadership to address security risks and provide mitigation recommendations within the Secure Development Lifecycle (SDLC).
• Work with development teams to understand their needs and the risk profile for each application and customize solutions to meet the needs of the application
• Collaborate on the implementation and management of SAST, SCA, DAST, and other scanning solutions to provide coverage for the application portfolio
• Guide development teams through a review of their applications and risks against common application flaws (e.g., OWASP Top 10) and provide prioritized visibility to senior management along with context
• Operate as an advocate for Security in interactions with internal and external teams
• Work with Risk & Compliance teams on audits (e.g., SOC 2, PCI-DSS, HIPAA) and recommend relevant Application Security policy and procedures
• Contribute to internal and external/client audits, ensuring compliance with security standards
• Lead projects to implement security technologies enterprise-wide
• Integrate 3rd party and build custom solutions into our CI/CD pipelines and development cycles.
• Define security guardrails through automated tool policies, Service level agreements, custom rules, and support the developer community
• Support the enterprise in managing vulnerabilities through automated tooling and security assessments
• Work with Security Champions to build relationships and ensure main activities are supported and deliverables are achieved promptly.

Qualifications

• Direct experience in enterprise-level application security.
• Experience in AppSec or DevSecOps, collaborating and presenting to developers, supporting development teams to adopt and mature secure development practices
• Proficiency with SAST, SCA, DAST, IAST, RASP and others tools associated with DevSecOp.
• Experience with programming and software development including CI/CD pipelines and related technologies such as Git, Jekins, Maven, Chef, Puppet, Ansible, Nexus, Artifactory and NPM
• Experience overseeing the linking of applications between different departments and systems
• Understanding of MITRE, OWASP, SafeCode and risk management methodologies as they relate to integration/software testing.
• Good project management skills or substantial exposure to project-based work structures, project lifecycle models,
• Knowledge of cloud and GenAI security is an advantage.

Additional Information

Benefits package includes:

• Great compensation package and discretionary bonus plan
• Core benefits include pension, bupa healthcare, sharesave scheme and more
• 25 days annual leave with 8 bank holidays and 3 volunteering days. You can purchase additional annual leave.

Experian is proud to be an Equal Opportunity and Affirmative Action employer. Innovation is an important part of Experian's DNA and practices, and our diverse workforce drives our success. Everyone can succeed at Experian and bring their whole self to work, irrespective of their gender, ethnicity, religion, colour, sexuality, physical ability or age. If you have a disability or special need that requires accommodation, please let us know at the earliest opportunity.

Experian Careers - Creating a better tomorrow together

Find out what its like to work for Experian by clicking here