Application Security Engineer

Salary Competitive

At SmashFly, you will be building marketing automation software for recruiting. What we’ve created is truly best-in-class software that helps companies attract and proactively communicate with today’s top talent. The SmashFly solution is used by some of the world’s biggest brands – and we need talent like you to help us constantly improve our technology for them. The work we do here matters to companies and job seekers alike.


Ideal Match:

As a specialist, you will work with Agile delivery teams to develop good security practices throughout the software development journey and share knowledge to help educate people on how to implement code securely.

What you’ll be doing:

The Application Security Engineer role underpins SmashFly’s commitment to producing world class, secure recruitment marketing platforms. The overarching responsibility is:

  • Application security testing – working with the development team, using automated and manual methods, to test the application for security vulnerabilities.

  • Application vulnerability risk analysis - estimating vulnerability risk in context of specific application, environment and business scenarios. This will include writing and demonstrating vulnerability "proofs of concept”, explaining this to technical architects and business stakeholders.

  • Security Consulting – working with technical architects and developers on design of security-sensitive features; providing technical expertise to security related questions in design and development stage; assistance in development of automated testing suites to enforce security standards in newly written code.

  • Ownership of security toolsets for the discovery and investigation of potential vulnerabilities and activity monitoring.

  • Helping to embed security in the development and operational lifecycle and showing continued security value by presenting risk from the customer and business perspective.

  • Acting as security evangelist and ‘mentor’ to the business and development teams.


The skills you should have:

- Experience of a variety of SAST and DAST security tools.

- Excellent skills in penetration testing of web applications.

- Experience working with external pen testers and/or acting as a primary contact for their testing.

- Solid and demonstrable comprehension of cyber and information security including secure coding, security in the SDLC, hacking techniques and the evolving threat landscape.

- Good knowledge of secure development practices such as OWASP and BSIMM.

- Experience with web application firewalls.

- Working knowledge of infrastructure security scanning software.

- Technical mind-set with an aptitude for analysis and investigation.

- Keeps up to date with industry trends, new threats and changes in the security landscape.

- Able to analyse technical data to decipher, prioritise and act upon findings.

- Knowledge of current information security standards and regulations such as NIST 800 series and ISO27000 series.

- Knowledge of HTML, JavaScript, and server-side languages such as .NET, PHP, and Java.

- Experience of working in an Agile environment.

Key skills:

- Excellent oral and written communication skills.

- Self-starter who is able to work on their own and seek out new areas for investigation.

- Ability to discuss technical principles and issues to both technical and non-technical business teams.

- Deliver on time and be work on own initiative to ensure tasks are completed.

- Dependable yet flexible with the ability to carry out scheduled activities.

- Strong people and engagement skills.

- Enthusiastic and shows a wiliness to learn new skills and take on new work.

- Strong analytical, organisational, multitasking and prioritisation skills.

- Ability to work effectively with all levels of the organisation.

- CISSP - desirable.

- CEH or CREST.

- Bachelor’s degree in computer science, related discipline, or equivalent experience.


Our track record so far!

- We are a growth-mode software startup backed by well-respected venture capital

- We’ve delivered significant year-on-year growth since our founding

- We’re the top ranked company by Glassdoor

- We offer great benefits including a flexible working approach, great holidays, private health care, stock options, weekly happy hours – and much more …….you get the idea!


Oh, and our application process is easy, pretty transparent and painless.

We need talent like you to join us. Ready to apply? Get started.

Smashfly Technologies Ltd is an equal opportunities employer

Perks and benefits

This job comes with several perks and benefits

Free friday beers
Free friday beers

Friday is something special, let's enjoy a beer together.

Equity package
Equity package

Want to be a partner? Look no further.

Healthcare insurance
Healthcare insurance

Break a leg! Seriously, we got you covered in our company healthcare plan.

Maternity / paternity leave
Maternity / paternity leave

Kids are the future, go spend time with them.

Pension plan
Pension plan

We take care of you, even when you are old and wrinkly.

Social gatherings
Social gatherings

Social gatherings and games; hang out with your colleagues.

See all 8 benefits

Working at
Smashfly

We build marketing automation software for recruiting.  What that means is we design, create and market technology that will help organisations hire the best talent – and job seekers find their ideal career and culture.  And this matters, right? You’re a job seeker right now. You know how much this matters. Our platform is made to: - Deliver a personalised candidate experience - Build meaningful relationship with talent - Provide reliable data for actionable insight SmashFly was born out of a vision to do better when it comes to helping people find their fit and companies to find the best talent. That vision ran through home offices, on through to our amazing space in Concord. We’ve spent our 10 years creating a new category in the recruiting space, and we are looking for people to help us grow to continue to change the game. As a venture-backed startup, we’re looking to the next 10 years to build on our history of growth and challenging the status quo to create a new experience for candidates and for companies. One that is anchoring in building relationships and bring people and brands together around meaningful work.

Read more about Smashfly

company gallery image