Babylon Health
,
London, Greater London
Application Security Engineer
Overview
Job Description
We are a team on a mission, to put accessible and affordable healthcare in the hands of every person on earth. Our mission is bold and ambitious, and it's one that's shared by our team who shares our values, to dream big, build fast and be brilliant. To achieve this, we've brought together one of the largest teams of scientists, clinicians, mathematicians and engineers to focus on combining the ever-growing computing power of machines, with the best medical expertise of humans, to create a comprehensive, immediate and personalized health service and make it universally available. At Babylon our people aren't just part of a team, they're part of something bigger. We're a vibrant community of creative thinkers and doers, forging the way for a new generation of healthcare. We're only as good as our people. So, finding the best people is everything to us. We serve millions, but we choose our people one at a time... Babylon's Cyber Security function is looking for an experienced Application Security Engineer to support the continuing and rapid build out of our global Cyber presence. This individual will be responsible for designing, implementing, configuring and monitoring security tools in Babylon's CI/CD pipeline. The will work with development teams to leverage these security tools and incorporate feedback to improve their effectiveness. Key Responsibilities * Design and implement mechanisms that efficiently identify and report software security risks within the existing CI/CD pipeline * Enforce and govern the use of SAST & DAST security tools, container security tools and security training, while leveraging automation across the lifecycle * Design, deploy and administer security monitoring tools for the security aspects of the CI/CD pipeline * Help engineering teams leverage all security tools and understand how to benefit from them * Listen to engineering teams and gather their feedback on how to improve the security tools in the CI/CD pipeline * Work with the management of engineering teams to surface the security metrics from security tools that is meaningful to them * Work with the GRC team to ensure that necessary regulatory controls are implemented Key Skills Required * A passion for helping development teams, an interest in software security, and the desire to embrace the challenge of combining the two * Experience installing, configuring, operating and monitoring CI/CD pipeline tools e.g. Github, CircleCI, Quay.io, Jenkins * Experience installing, configuring, operating and monitoring software security pipeline tools e.g. SAST, DAST, OSS scanning, container scanning * Experience integrating multiple tools together to create pipelines * Strong grasp of infra-as-a-code and configuration tools, e.g.: Ansible/Chef, for the purpose of deploying security tooling * Experience of extracting metrics and events from security tooling * Experience working with and securing microservices in multiple languages * Strong and clear communication skills, both verbal and written * 5-10 years experience Desirable * Experience of extracting metrics and events from security tooling * Experience working with and securing microservices in multiple languages * Software security vulnerability knowledge e.g. OWASP Top Ten, SANS Top 25 * Hardening of container technologies, i.e.: Docker * Technical knowledge of secure engineering principles and standards * Programming and scripting abilities across a range of languages e.g. Java, Go, Python, Scala, Ruby * Exposure to a range of technologies e.g. Kubernetes, Istio, AWS Benefits * Strong market based compensation packages * Stock options in Babylon * Free Babylon for you and your family * Central London offices (Liverpool Street) with the option to work remotely 2/3 times per week. * Free healthy breakfast, and snacks * On site table tennis and videogame competitions * Regular social gatherings and an intimate, collaborative environment * A real entrepreneurial spirit and drive to make a tangible difference in the world * Free weekly yoga or football sessions * Pension scheme * Childcare vouchers * BUPA health and life insurance