After spending a number of years as a full Stack Software Engineer I moved in to the role of Application Security Engineer where I became GWAPT qualified. I'm responsible for ensuring that security is built in to all applications from the start. I create security stories, provide implementation methods, automate security scanning and provide security education to the software engineers in the company. As an ASE it is necessary to carry out vulnerability scans on the applications in production to ensure no security vulnerabilities have been introduced.