Lead Security Engineer
Permanent / Full Time
Lead security engineer required for a well-known and highly respected organisation looking to build more Cyber Security capability across their business.
As a Lead Engineer, you will be highly technical but senior enough to be strategic and design solutions. This position reports to senior level technical management with a focus on collaborating with software engineering and data teams, to design and implement new cyber tech solutions, processes and integrating new tools into the CI/CD pipeline.
As part of a newly created team there will be the opportunity to set up from a greenfield position a lot of the time, having the opportunity to research best-fit tools and best practice processes.
We need somebody that has worked in a modern hybrid cloud environment, with knowledge around application security, secure coding, configuring and development of cyber tools and knowledge of automation and scripting. A background in Application Security and OR Devsecops would be really useful for this role. Responsibilities:
- Research, identify and implement potential configurations or development artifacts to meet cyber security requirements;
- Make pragmatic technical design and development decisions which meet cyber security requirements whilst remaining commercial;
- Provide input to solution architecture and high-level design documentation;
- Develop and maintain detailed design, as-built configuration, user guides, service guide and other artifacts as required;
- Collaborate with key technical teams and senior management to deliver Cyber Solutions that improve cyber posture and enable technical teams to work and build securely
- Sustainably engineer and automate security into all layers of our data platform to enhance our security, assurance, governance and compliance capabilities, including:
- Automating AWS vulnerability management, open policy agents (OPA), AWS IAM policies and permissions, docker file standards and configuration policies, building and automating pipeline security policy checks; and
- Work collaboratively with key stakeholders to proactively identify and mitigate potential threats against data and technology resources.
- Significant experience working as a Security Engineer within a large, complex environment;
- Strong experience in securing and integrating cloud workloads, managing CI/CD pipelines and security tooling within AWS and Azure cloud platforms;
- Demonstrated capabilities in analysing and optimising security configurations;
- Working knowledge of database security configuration and policy management including IAM and Schema;
- Experience in one or more key security domains such as security monitoring and vulnerability management, network security products and data loss prevention;
- Strong analytical and problem-solving capabilities;
- Well-developed interpersonal and influencing skills; and
- A genuine interest and passion to learn and develop new skills.