Senior Security Engineer

Location: London | United Kingdom
Job Type: Permanent
Salary: £75000 – £90000
Sector: Retail

Contact Details

Name: Sam Finn

Are you an experienced Cyber Security Engineer with a passion for Application Security? Are you looking to work with a leading retail organisation going through exciting digital transformation programmes? I am currently recruiting for a Senior Security Engineer for a FTSE100 client to provide expertise and guidance on Application Security working with the wider security team.

Job Responsibilities of the Senior Security Engineer

· Acting as the subject matter expert, you will be responsible for supporting and advising on all matters surrounding Application Security

· Lead and manage a continuously improving Application Security Engineering practice

· Collaborate with Product Owners and Engineers to build security into all steps of the CI/CD SDLC process, from plan through design, build, test, deploy and run

· Provide security remediation advice and engineering solutions to development and testing teams

· Help to implement a secure development process advocating the use of OWASP and other application security standards

· Provide expertise and guidance on common application security flaws and secure coding practices

· Work with project teams to clearly explain, identify and remediate application security issues

· Implement a threat modelling programme across the business

· Promote security awareness and mentor the wider business on Application Security


Desirable Skills and Experience of the Senior Security Engineer

· Previous experience working in an Application Security / Software Engineering role

· Previous software development experience or in-depth knowledge of modern development languages and frameworks

· Practical experience with Threat Modelling

· Understanding of Automation and DevOps methodologies

· Knowledge of secure architecture principles

· In-depth knowledge of Cloud technologies (preferably Azure)

· Experience working in an environment moving from traditional on-prem technologies to Cloud

· Experience with the likes of Java, Python and Mobile App Development

· Experience with applications such as Trufflehog, BridgeCrew, GitHub, Snyk, Akamai Kona WAF, Wallarm and K8 Security

· Experience with application testing tools such as SAST, DAST etc

· Excellent communication skills, with the ability to successfully negotiate, collaborate or effect change in relation to Application Security matters with different stakeholders at all levels within the business, as well as external partners

· Security certifications such as OSCP or GIAC are desirable