Information Security Engineer

  • Technology
  • London, United Kingdom

Information Security Engineer

Job description

About us:

The App Nest is a product business. We’re a team obsessed with creating incredible experiences for our fashion audience, partners and influencers


What we’re building:

We’re working hard to disrupt the fashion industry with a mobile platform that incorporates social media, content, e-commerce and gamification, hosting millions of luxury fashion enthusiasts.


The company is funded by a world class investor, we have a leadership team of world renowned industry experts, and are partnered with one of the largest and fastest growing international luxury multi-brand online retailers, as well as a host of A-List fashion influencers.


Our aim is to empower fashion lovers and revolutionise the way that people discover, shop for, talk about and engage with brands.


The role:

Our partnerships with global brands and ingestion of their customers secure data, through our applications, means that security must be bulletproof.


As our Information Security Engineer, you will be part of the wider product and engineering team supporting the platform wide effort to ensure our technical defences are fit for purpose and that all of our processes are security-led. As we scale, you will lead and define best practice to ensure that applications are integrated into a coherent security architecture, whilst educating relevant staff on a ‘security first’ protocols around every element off work that we do. Data is key to our business and success, and you’ll be the custodian of that, enabling rapid growth and acquisition of potentially millions of customers and hundreds of brand partners.


What’s in it for you?

A chance to join an innovative business with a unique proposition as we go through scale. With full autonomy in the role, you’ll make it truly your own. It’s a chance for you to ‘own the show’, deploying industry standard security practices, but also pushing the boundaries with ‘phishing attacks’ and managing a budget that sees us innovate in the protection of our customers most sensitive assets.

Why will you succeed?

Our growth plans are supported by a low structure environment that is high on autonomy. We’re proud of our supportive and focussed working environment, which an emphasis on collaboration, team-working and shared knowledge. It's fast and fun. We’d like you to join our success journey and help us map the way.

Requirements

We’re looking for someone who most essentially has:

  • Evangelised security throughout a business

  • Supported developers and product team in appropriately securing products they build.

  • Penetration testing skills

  • Experience of introducing and educating colleagues in security best practices

  • Experience with automating secure best practices in continuous integration systems

  • Been involved in architecture and design of software from a security perspective

  • Worked with DevOps and Development teams to harden on-premise and cloud infrastructure.

  • Worked autonomously and with their own initiative

  • Experience with securing web applications

  • Worked with Https, TLS encryption, OpenSSL/LibreSSL, SSH, VPN.

  • Knowledge of AWS

  • Knowledge of NIST and OWASP industry guidelines

  • Android/iOS security experience