Senior Application Security Engineer

Matillion is The Data Productivity Cloud.

We are on a mission to power the data productivity of our customers and the world, by helping teams get data business ready, faster. Our technology allows customers to load, transform, sync and orchestrate their data. 

We are looking for passionate, high-integrity individuals to help us scale up our growing business. Together, we can make a dent in the universe bigger than ourselves.

With offices in the UK, US and Spain, we are now thrilled to announce the opening of our new office in Hyderabad, India. This marks an exciting milestone in our global expansion, and we are now looking for talented professionals to join us as part of our founding team.

Role Purpose

Matillion is built around small development teams utilising a modern, cloud-based technology stack to deliver products. The AppSec Engineer will work in an engineering capacity to product and engineering teams to ensure security is baked into the product from the design phase creating a SecDevOps workflow.

What you will be doing

Design

Establish and lead security champions programme across the development squads

Build functional and nonfunctional requirements for the application in conjunction with the product team

Input abuse case stories into the product backlog

Evangelise security across the product team, ensuring security stories are prioritised against feature goals

Assess SDLC security gap risks and propose remedies

Consult

Instruct and guide developers on how to conduct Threat Modelling during application Design

Act as the single point of contact for security concerns arising from the development team providing advice on how to solve technical software issues

Lead the pentesting cadence around the core application set by conducting hacking exercises

Provide application code reviews against known development frameworks such as OWASP ASVS

Provide input into the design of functional and non-functional security controls such as customer authentication workflows

Run Security Champion sessions to keep developers aware of security developments

Engineer

Establish security into the CICD pipeline such as SAST/IAST/DAST

Automate and build nifty security tools to test Matillion applications 

Integrate testing, build failures and outputs to the development team to ensure passage to production is secure

Create security tests for code and assist developers in building security unit testing

Support

Responsive support to the development teams

Analysis of logs to identify issues and provide solutions

Innovation

Research projects, including prototyping, to explore future opportunities

Investigate new technologies

Optimise the infrastructure deployment process through use of automation, in-house and open source solutions

Self-Development and Growth

Develop new skills by working with other members of the team

Work with the Team Lead to identify training goals

Lead and partake in technical discussions within the team

Actively identify and complete opportunities for self-training and external training

Drive the team’s process of continual improvement

What we are looking for

Technical / Role Specific 

Essential

A passion and drive to succeed in Application Security

Understanding of Software Development Life Cycle

Desirable

Security professional at heart borne from a software engineering background

Experience of working with the OWASP ASVS framework

Experience in Agile delivery environments

Greenfield experience setting up security technologies from scratch

Outgoing and able to build relationships with key stakeholders

Personal Capabilities Required, e.g. skills, attitude, strengths

Can do attitude, willing to take on a wide range of security issues

Keeps up to date with security developments

Keen to engage with the security community on a range of topics

Fast learner

Matillion has fostered a culture that is collaborative, fast-paced, ambitious, and transparent, and an environment where people genuinely care about their colleagues and communities. 

Our 6 core values guide how we work together and with our customers and partners. We operate a truly flexible and hybrid working culture that promotes work-life balance, and are proud to be able to offer the following benefits:

- Company Equity

- 27 days paid time off

- 12 days of Company Holiday

- 5 days paid volunteering leave

- Group Mediclaim (GMC)

- Enhanced parental leave policies

- MacBook Pro

- Access to various tools to aid your career development

More about Matillion

Thousands of enterprises including Cisco, DocuSign, Slack, and TUI trust Matillion technology to load, transform, sync, and orchestrate their data for a wide range of use cases from insights and operational analytics, to data science, machine learning, and AI. 

With over $300M raised from top Silicon Valley investors, we are on a mission to power the data productivity of our customers and the world.

We are passionate about doing things in a smart, considerate way. We’re honoured to be named a great place to work for several years running by multiple industry research firms. 

We are dual headquartered in Manchester, UK and Denver, Colorado.

We are keen to hear from prospective Matillioners, so even if you don’t feel you match all the criteria please apply and a member of our Talent Acquisition team will be in touch. Alternatively, if you are interested in Matillion but don't see a suitable role, please email talent@matillion.com.

Matillion is an equal opportunity employer. We celebrate diversity and we are committed to creating an inclusive environment for all of our team. Matillion prohibits discrimination and harassment of any type. Matillion does not discriminate on the basis of race, colour, religion, age, sex, national origin, disability status, genetics, sexual orientation, gender identity or expression, or any other characteristic protected by law.