Application Security Engineer

ITV plc ,
London, Greater London

Overview

Job Description

Application Security Engineer Permanent London Why should you join us... At ITV, we want to be the digitally led company that brings brilliant content to global audiences wherever, whenever and however they choose. ITV is going through an exciting time working towards our 'More than TV' strategy, and Cyber Security is at the forefront of the change. Our teams design, build and deliver new and existing products and productions daily which brings incredible variety to the roles we play. Innovation is at the heart of what we do, and you will have an opportunity to truly shape our security and the technology we work with. We are an established team exploring new ways to work and support all areas of the business in engendering a true secure by design approach. We have an exciting new opportunity for an Application Security Engineer to develop and maintain the right security tools to provide high levels of security assurance across ITV Applications. You'll need strong agile software delivery skills, and must be able to work with developers that use different languages to help ensure coding practices remain in line with Secure Development. You will champion security throughout the development teams and be the voice of security at daily stand-ups and scrums. The role will also align closely with, and leverage the experience of the wider cyber security team particularly when managing incidents. This is an ideal role for someone looking to help define and deliver ITV's application and cyber security capabilities. We welcome applications from good developers that want to focus on security longer term. Some Key Responsibilities: * Define and embed technical security policies, principles and standards. Use code analysis solutions to evolve the secure by design principle. * Develop, maintain and automate security tools for secure SDLC, including ongoing developer training * Maintaining good practice around code repo's (like Git), identifying and remediating weaknesses in Open Source libraries * Lambda (server less functions) *