Application Security Engineer
We’re Bulb, an independent and renewable energy supplier. We have developed a unique operating model to provide affordable renewable energy to UK homes and businesses. Technology is at the very core of both our business and our members' experiences. We’re also the first and only UK energy supplier to achieve B Corp status.
At Bulb we want to hire people with the experiences necessary to get going quickly, but who are also interested in learning new things and are comfortable working in a changing environment.
Here are some of the things we think will be valuable, but we're also open-minded. If you recognise yourself any of these traits then we’d love for you to send us an application.
You'll spend your time
- Pairing with developers on security code reviews, imparting secure development practices while you find and help remediate vulnerabilities.
- Tracking the security of Bulb’s third-party libraries and managing the integration of urgent vulnerability mitigations.
- Working on our internal development frameworks to build systemic solutions for vulnerability types and to shield developers from places where third-party code wasn’t designed with safe defaults.
- Managing external code reviews for high-exposure projects.
- Integrating static analysis into our continuous integration process and helping developers work with it.
- Helping design and build security-critical product infrastructure like key management for column-level control of data access by microservices.
Nice to haves
- 3-5 years work experience in application security
- Hands-on experience with:
- Professional development in Typescript/Node.js and Python 3
- Web and service level security vulnerabilities and bug-class-killing mitigations
- Auditing code for security and communicating vulnerabilities and mitigations
- Technologies such as GraphQL, Koa, React, JWT, GCP, Kubernetes, Docker
- Library design, particularly in seeing libraries as a designed user interface for developers
- Ability to thrive and succeed in a dynamic, fast growing, startup environment
- Experience with coaching development teams
- Able to act as a cheerleader and champion for security at Bulb
- Strong written and verbal communication skills
- Be part of a growing technology startup and help shape the future of energy.
- Training budget of £1000 a year, plus five working days to spend on professional or personal development. You can use this for training courses, books or conferences.
- 33 days holiday a year (including bank holidays) and the option to buy up to 5 more.
- After a year at Bulb, you can take an additional month of unpaid leave to travel, work on personal projects or simply to recharge and reboot.
- 12 weeks of full pay for maternity, paternity or adoption leave.
- We all own a bit of Bulb.
- Activities to improve your mental and physical well being including office yoga, meditation and Sanctus coaching.
- Healthcare and a pension plan with employer contributions, childcare voucher scheme and a cycle to work scheme.