Senior Application Security Engineer

Being a great tech company, Forsta has an amazing Engineering team behind it. Our Engineering team turns ideas into products and makes our vision a reality! We are the true innovation masterminds of Forsta, the ones building our software so our company can continue delivering solutions that allow global businesses and market research agencies to be successful.We are growing and are looking for several new colleagues to join our teams in Oslo. We are especially looking for more people in the area of application security. You will be working with the application security lead and other security focused employees both in Norway and abroad that all cover various parts of the information security field.You can expect your responsibilities to cover some of the following areas:Prevention and early detection (shift left) of vulnerabilities through developer training and awarenessPrevention and early detection of vulnerabilities through SAST, DAST, SCASolve problems together with devs, devops and cloud opsHandle external penetration testsTest for vulnerabilities (red teaming)Assist with advice and/or writing code for security specific functionsThreat modeling sessions with product teamsDevelop systems for testing and reportingStay up to date on attacks and vulnerabilitiesShare knowledge and promote secure coding and deployment in the organizationYour Role Will Require and Challenge You ToBe passionate about security in all stages of a product lifecycleShow analytical and communication skillsAcquiring new knowledge and turn it into actionable changesShow persistence in finding vulnerabilities, qualifying/prioritizing vulnerabilities, and seeing them fixedTake pride in what you deliverAbility to work independently and as part of various teamsBe a strong team player and prefer to work with others in all phases of the development processEnjoy collaborating across departments and borders in an international environmentTake responsibility, learn continuously, and lead initiatives and projectsQualificationsA degree in Computer Science, Information Security, Cryptography or similar, or professional experience in information security software development or system administrationFluent in English (our working language) and NorwegianExperience with at Least Some of the FollowingWeb app developmentMobile app developmentKubernetes/containersSecurity testingAttack techniquesSecure codingOWASP top 10, HIPAAWeb proxies, Burp Suite, ZAP, sqlmap, other reconnaissance and vulnerability detection toolsSAST, DAST, SCAOpenID connect, OAuth 2.0, SAML2Security headers, same origin policy, authentication tokens, certificatesAzureWeb serversAdditional InformationPlease note that the job is located in Oslo, Norway.We require applicants to already reside in Norway with a relevant work or residency permit.Our privacy policy can be found here: https://www.pressganey.com/legal-privacy/