Application Security Manager

Job content

Unily is an award-winning enterprise employee experience platform designed for the world’s leading enterprises to connect, inform, and engage globally diverse workforces with a meaningful digital experience. Unily was founded in 2005, and with $68m in funding in 2019 and a new investment in partner in 2022, we plan to triple in size by 2026 – in both customers and colleagues. We are growing at a rapid rate so there really is no better time to join us.

The Role

Our platform is growing and scaling at a rapid rate and we recognise the importance of ensuring our platform meets the rigorous security standards expected of an enterprise level platform. We are pleased to announce a new position for an Application Security Manager.

A pivotal role within our Product Team and reporting to the Head of QA, the Application Security Manager will be will be responsible for setting and enforcing enterprise-class application security standards for the Unily product.

Responsibilities

• Design Security standards and best practices, aligning with the overall Unily technology strategy
• Curate a set of application security controls and best practice security approaches
• Design security architecture features to mitigate threats as they emerge
• Work with Architects/Operations to review and design solutions that balance business requirements with information and cyber security requirements
• Design and implement a Secure SDLC and communicate and train Engineering staff to support its adoption
• Work with Architects/Operations/Product Managers to build roadmaps that ensure that the Unily application is secure
• Review of code for architecturally significant areas
• Be involved in maintaining the KPIs/metrics around security standards for the products
• Liaise with internal stakeholders and external vendors to coordinate regular Penetration Tests
• Manage findings from Unily and customer conducted penetration tests and security scans, providing responses, and raising defects for remediation as necessary
• Provide responses on application security to contract proposals and RFPs
• Ensure Security roadmaps are always current and up to date
• Ensure Security KPIs/Metrics are always current and up to date
• Implement security training plans for teams
• Develop and Coordinate security champions within sprint teams
• Identify and communicate current and emerging security threats using industry threat intelligence
• Continuously look for ways to improve effectiveness and productivity and provide innovative solutions to difficult problems
• Knowledge sharing of technology/trends to teams

Desirable Knowledge, Skills and Experience

• Strong .NET, JavaScript, and cloud database skills
• Understanding of REST APIs
• Understanding of Web Architecture
• Experience in ethical hacking, Penetration Testing/Code scanning tools
• Expertise in Identity and access management (IAM) frameworks
• Experience of presenting and training various people in an organisation on security standards and best practices
• Ability to explain complex concepts to diverse audiences
• Experience of Agile methodologies
• Understanding of Software Security Architecture and Design, SDLC and the ability to clearly articulate best practices for application security
• Experience with the OWASP Top 10, WASC TC v2 andor CWE Top 25 - how to identify and remediate them
• Security experience with public cloud environments such as Microsoft Azure
• Experience of security for mobile applications (phone, tablet)
• Certified in recognised industry security qualification:

Certified Information Systems Security Professional (CISSP)

Information Systems Security Architecture Professional (ISSAP)

Required Attributes

• Ability to create and follow processes thoroughly and attentively
• Excellent spoken and written communication skills
• Capable of working independently and as part of a team
• Passion for quality with high standards for personal and collective achievement
• Friendly, with a good sense of humour

Why work for Unily?

In addition to a generous base salary and discretionary company bonus, here are some things we think you will love:

Our awesome team culture. We are focused on achieving results as a team and having fun whilst we do it. You won’t find a friendlier or more dedicated bunch of people.

Our industry leading product.We are very proud of our ever-evolving product, naturally we use (and love) it internally and provide the tools and resources for you (and our clients) to become an Unily expert.

The flexibility that we offer. We don’t just mean working from home occasionally. We operate on a hybrid basis, and also recognise that life happens during the 9-5.30 and encourage a sustainable work/life balance.

Our bright and modern office spaces. When you need to be in the office we want it to be like being at home. We have a well-stocked kitchen (with a beer pump), ample parking and the option to bring your dog to work.

We offer a fantastic suite of benefits. Including 25 days holiday, Vitality life cover, Aviva pension, life assurance, income protection and so many more.

Our commitment to sustainability and giving back to the community. We offer 1 fully paid volunteering day per year and the option to lease an Electric Vehicle through our salary sacrifice scheme.