DevOps Engineer Award winning computer software company- £85,000 My client are an award-winning computer software company that uses cutting edge technology to create higher definition...
Security Engineer - Permanent - up to £115k - London
Our global client are looking for a Security Engineer to join them on a permanent bases in their London offices.
The purpose of this role is to establish and maintain a global technical security capability, ensuring that all data, information and IP assets are protected and ensuring that confidentiality and integrity is maintained in accordance with legal/regulatory and company policy.
Our client are a CI/CD, digital-first, cloud-first organisation. Due to this, security is codified into their infrastructure/pipelines.
For this role, we're looking for someone who understands development lifecycles and has worked in DevSecOps environments where releases are frequent and security has been abstracted from the application space.
We're looking for someone who has knowledge of DevOps processes and an ability to describe how Docker containers and images can be broken or subverted, how to counteract that and how to keep the organisation safe.
Some of the key skills for this role are: DevOps, SDLC, Vulnerability Management, Risk Management, and Risk Mitigation (in a DevSecOps environment).
- Work with the lead and domain engineers to formulate solutions
- Specify secure design requirements and acceptance criteria for DevOps or software development feature teams
- Define secure designs for security architecture building blocks
- Provide hands on support during investigations and PoCs
- Take solution ownership from inception to delivery
- Embedding security into DevOps and CI/CD
- Promote 'security is codified' as a key platform principle
- Contributing to security engineering patterns to be applied across multiples cloud providers and technologies
- Preparing engineering artefacts and own the lifecycle of those artefacts
- Reviewing configurations and Infrastructure as Code for security weaknesses
- Supporting architects take designs through the appropriate governance and sign-off
- Act as an SME for security engineering related topics and issues
- Contributing to Threat Models
- Specialised working security engineering knowledge of two or more domains e.g. Cloud, DevOps, AppSec, IAM, API, Networking, Crypto, Big Data
- Experience working in fast-paced agile environments is essential
- Preferably hold an industry recognised security certification or degree e.g. OSCP, GIAC
- Experience implementing industry best practice security standards in large organisations
- Detailed knowledge across a broad range of security domains
We are an equal opportunities employer and welcome applications from all suitably qualified persons regardless of their race, sex, disability, religion/belief, sexual orientation, gender reassignment, marriage and civil partnerships, pregnancy or maternity or age.