Senior / Lead Security Engineer
at Capco UK - Edinburgh
Senior/Lead Security Engineer
About Capco
Capco is a global technology and business consultancy, focused on the financial services sector. We are passionate about helping our clients succeed in an ever-changing industry.
You will work on engaging projects with some of the largest banks in the world, on projects that will transform the financial services industry.
We are/have:
1. Experts across the Capital Markets, Insurance, Payments, Retail Banking and Wealth & Asset Management domains.
2. Deep knowledge in various financial services offerings including Finance, Risk and Compliance, Financial Crime, Core Banking etc.
3. Committed to growing our business and hiring the best talent to help us get there.
4. Focused on maintaining our nimble, agile and entrepreneurial culture.
The Role
We are looking for engineers who want to play a key part in supporting the evolution of the Financial Services industry one project at a time. You will be expected to be a strong team player who prides themselves on delivering modern, first class cloud based platforms through practicing best in class Agile ways of working at all times.
Responsibilities
5. Craft and implement an advanced security engineering strategy to bolster our infrastructure and networks.
6. Mentor and guide the security engineering team, fostering a culture of continuous learning and innovation.
7. Collaborate with cross-functional teams to inculcate security-by-design principles.
8. Design and optimise endpoint protection solutions, ensuring robustness against evolving threats.
9. Provide leadership in device management, secure configuration, and hardening practices.
10. Secure our Cloud architectures, emphasising proactive defence mechanisms and robust access controls.
11. Monitor cloud configurations, ensuring alignment with best practices and compliance requirements.
12. Implement a strategy for data protection across its lifecycle.
13. Provide leadership in encryption, tokenisation, and masking strategies and implement a strategy for data protection across its lifecycle.
14. Spearhead the integration of security within the SDLC, promoting secure coding practices and integrating security tools within CI/CD pipelines.
15. Oversee designs, vulnerability assessments and code reviews, ensuring applications are free of critical security flaws.
16. Guide the engineering teams in embracing security as an integral part of the development lifecycle.
17. Promote secure coding practices and integrate security tools within CI/CD pipelines.
18. Conduct regular network security assessments and audits to identify and mitigate vulnerabilities.
19. Monitor security access and implement firewall technologies.
20. Monitor the cybersecurity landscape for emerging threats and innovative defence strategies.
21. Test and incorporate new security tools and methodologies that align with our tech stack and security objectives.
Skills & Expertise
22. Extensive experience in endpoint security solutions and best practices.
23. Deep expertise in Cloud Security.
24. Proficient understanding of data security principles and mechanisms.
25. Strong background in application security and secure software development.
26. Familiarity with major security standards and frameworks.
27. Experience with programming languages (e.g., Python, Go, Java) will be a strong advantage.
28. Excellent communication skills, both written and verbal.
Preferred Qualifications
29. Bachelor’s or master’s degree in computer science, Information Security, or a related field.
30. Relevant certifications such as CSSLP, CISSP, or cloud-specific certifications.
We'd also like to see:
31. An appetite to contribute to the wider Capco business outside of project assignments. This can be achieved through various means including thought leadership activities, supporting RFP's and the coaching/mentoring of more junior engineering team members
A day in the life of an Engineer at Capco
32. Working alongside clients to interpret requirements and define industry-leading solutions.
33. Designing and developing robust, well tested data pipelines.
34. Demonstrating and helping clients adhere to best practices in engineering and SDLC.
35. Building event-driven, loosely coupled distributed applications.
36. Developing both on-premise and cloud-based solutions.
37. Supporting internal Capco capabilities by sharing insight, experience and credentials.
We offer:
38. A work culture focused on innovation and building lasting value for our clients and employees
39. Ongoing learning opportunities to help you acquire new skills or deepen existing expertise
40. A flat, non-hierarchical structure that will enable you to work with senior partners and directly with clients
41. A diverse, inclusive, meritocratic culture
42. Enhanced and competitive family friendly benefits, including maternity / adoption / shared parental leave and paid leave for sickness, pregnancy loss, fertility treatment, menopause, and bereavement
Joining Capco means joining an organisation that is committed to an inclusive working environment where you’re encouraged to #BeYourselfAtWork. We celebrate individuality and recognize that diversity and inclusion, in all forms, is critical to success. It’s important to us that we recruit and develop as diverse a range of talent as we can, and we believe that everyone brings something different to the table – so we’d love to know what makes you different. We understand that you may need us to make changes to our process to allow you the best possible platform to succeed, and we are happy to cater to any reasonable adjustments you may require. You will find the section to let us know of these at the bottom of your application form or you can mention it directly to your recruiter at any stage and they will be happy to help.