Be at the heart of actionFly remote-controlled drones into enemy territory to gather vital information.

Apply Now

Application Security Engineer

ESO
Belfast
8 months ago
Applications closed

Related Jobs

View all jobs

Information Security Analyst

Head of IT Security and Platform Engineering (Hybrid) Newcastle - To

SIEM Application Engineer

Security Engineer

Infrastructure Security Engineer

SIEM Application Engineer - ElasticSearch

How You’ll Support Our Mission

ESO’s teams are growing, and our software is in demand globally by firefighters, paramedics, hospitals and governments. To meet this demand, we are building an industry-leading cyber security team in Belfast to protect our customers and data from a variety of fast moving and constantly evolving threats.

We are looking for an Application Security Engineer to join our Belfast and US teams. Work alongside our fire, hospital and EMS Engineering teams to secure our mission-critical applications. These applications are used to help our customers go about their daily job of protecting their communities and saving lives.

You will refine our application design and protection using offensive security techniques like design assessment, research, threat intelligence, threat modelling, and controls optimisation.

You will conduct security assessments of our applications, identify issues, and help address them early in the development cycle. You'll also support developers in improving coding practices to enhance security and assist with remediating findings from security assessments.

Our Security Engineering team operates autonomously within a motivated and forward-thinking Security team. Join our diverse, growing team, working on mission-critical products with training and mentoring support.

What You’ll Be Doing – the day to day

  • Have significant impact on the security of our systems that are used by thousands of fire fighters, paramedics and hospitals worldwide.
  • Be a key part of our cyber security team, with demonstrable impact on the security of our systems and applications.
  • Conduct internal security assessments of APIs and Cloud infrastructure, validate controls, design across our estate, and lead remediation activities prioritization.
  • Enhance Secure Development by contributing to threat modelling, risk assessment, evolving Secure Coding Guidelines, and maintaining core security controls like SAST and DAST deployments.
  • Provide technical support with risk assessments on PHI, and steering improvements to our environment in line with common standards such as NIST.
  • Support External Penetration Testing and application vulnerability efforts, delivering assessments and prioritizing remediation activities across the organization.
  • Be across Threat Intelligence relevant to our industry and geographic regions, and translating that to real world defences for us as an organization.
  • Work collaboratively cross-team, to impart your expertise across the organisation.
  • Be in the detail, working shoulder-to-shoulder with our technology teams.

Who You Are - some of the essential things required to be successful in the role

  • At least 4 years' experience in securing software or infrastructure, penetration testing or pure product or application security.
  • Expertise in offensive security techniques and methodologies, including ethical security testing.
  • Deep understanding of secure coding practices, common vulnerabilities and risk scoring methodologies (OWASP Top 10, CWE, CVSS scoring etc.).
  • Experience communicating to stakeholders of varying technical skill levels.

Your experience should include:

  • Using offensive security tooling, including tools such as Burp Suite, Kali, Metasploit and such.
  • Scripting including the use of python, Powershell, bash or Javascript.
  • Securing networks, hosts, web applications and cloud native deployments.
  • Working with toolsets such as: vulnerability management, firewalls, SIEM, PAM, IDS/IPS, EDR/XDR, WAF.
  • Working with code security controls such as SAST / DAST / IAST / RASP.

You should also:

  • Have some knowledge in securing Continuous Integration / Continuous Deployment and associated practices.
  • Understand current attack tactics, techniques and procedures along with the use of MITRE Attack framework, as well as other more recent MITRE initiatives.
  • Be inquisitive, have a passion for what you do and understanding how your work impacts and contributes ESO’s success.

Who You Are – it’s desirable if you have any of the following

  • Certifications such as OSCP or OSCP+, OSCE GPEN, OSWA, OSSTIMM or equivalents.
  • Exposure to Infrastructure as Code and Azure native technologies.
  • Experience with threat modelling, NIST and CIS frameworks.
  • Experience working with and securing FHIR, HL7 APIs, medical applications or hardware.

Benefits & Perks!

  • Life insurance (4 x base salary) Income protection insurance.
  • A generous pension contribution.
  • Private medical insurance including optical and dental.
  • A health cash plan.
  • Modern City Centre office and a flexible hybrid working policy.
  • AwardCo Recognition Program.
  • Enhanced paternity leave and pay, enhanced adoptive pay, enhanced maternity pay- 12 weeks full pay after 6 months' service.
  • Enhanced short and long-term sick pay.
  • 25 days holiday which increases year on year until you reach 5 years of service + 14 additional days.

About ESO

ESO is a fast-paced, growing data, technology and research company passionate about improving community health and safety through the power of data. We pioneer innovative, user-friendly software to meet the changing needs of today’s EMS agencies, fire departments, and hospitals. We’re small enough to be nimble and fun, but big enough to be a great place to work. We serve thousands of customers out of our offices across the US, Canada and Northern Ireland.

Are you ready to Make a Difference?

ESO is committed to creating a diverse and inclusive work environment and is proud to be an equal opportunity employer. We invite you to consider opportunities at ESO regardless of your gender; gender identity; gender reassignment; age; religious or similar philosophical belief; race; national origin; political opinion; sexual orientation; disability; marital or civil partnership status or other non-merit factor.

Our Equal Opportunity Statement of Policy for Northern Ireland is available on request.

Applicant Privacy Notice – please click here to review theapplicant privacy noticewhich details how your data is collected, used and protected.

#J-18808-Ljbffr

Subscribe to Future Tech Insights for the latest jobs & insights, direct to your inbox.

By subscribing, you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

Jobs

Neurodiversity in Cyber Security Careers: Turning Different Thinking into a Superpower

Cyber security is all about thinking like an attacker, spotting unusual patterns, protecting systems & responding calmly when everything looks like it’s on fire. It’s a discipline built on curiosity, persistence & noticing things other people miss. That’s exactly why it can be such a good fit for many neurodivergent people. If you live with ADHD, autism or dyslexia, you may have been told your brain is “too distracted”, “too literal” or “too disorganised” for a security role. In reality, the traits that can make traditional office work tough often line up beautifully with cyber security work – from hyperfocus in incident response to meticulous analysis in threat hunting. This guide is written for cyber security job seekers in the UK. We’ll look at: What neurodiversity means in a cyber context How ADHD, autism & dyslexia strengths map to different security roles Practical workplace adjustments you can ask for under UK law How to talk about neurodivergence during applications & interviews By the end, you’ll have a clearer sense of where you might thrive in cyber security – & how to turn “different thinking” into a genuine superpower.

Jobs

Cyber Security Hiring Trends 2026: What to Watch Out For (For Job Seekers & Recruiters)

As we move into 2026, the cyber security jobs market in the UK is changing fast. Attackers are scaling up with automation & AI, cloud estates are more complex, & regulators are tightening expectations around resilience & data protection. At the same time, budgets are under pressure & some organisations are consolidating their tech teams. Despite all this, demand for cyber security skills remains strong. Skilled defenders, engineers & leaders are still hard to find, & the stakes are only getting higher. Whether you are a cyber security job seeker planning your next move, or a recruiter building security teams, understanding the key cyber security hiring trends for 2026 will help you make better decisions.

Jobs

Cyber Security Recruitment Trends 2025 (UK): What Job Seekers Must Know About Today’s Hiring Process

Summary: UK cyber security hiring has shifted from title‑led CV screens to capability‑driven assessments that emphasise incident readiness, cloud & identity security, detection engineering, governance/risk/compliance (GRC), measurable MTTR/coverage gains & secure‑by‑default engineering. This guide explains what’s changed, what to expect in interviews, & how to prepare—especially for SOC analysts, detection engineers, blue/purple teamers, penetration testers, cloud security engineers, DFIR, AppSec, GRC & security architecture. Who this is for: SOC & detection engineers, security operations leads, DFIR analysts, penetration testers/red teamers, purple teamers, AppSec/DevSecOps engineers, security architects, cloud security engineers, identity/IAM engineers, vulnerability managers, GRC/compliance specialists, product security & security programme managers targeting roles in the UK.

🍪 We use cookies to enhance your browsing experience on our website. By continuing to use this site, you consent to the use of cookies as described in our Cookie Policy. You can review our Cookie Policy for more information.