Job Description
Application Security Engineer
Rate: £550-£700 per day (Outside IR35)
Location: Bristol (Remote, with occasional office presence once a month)
Job Type: 6-month contract
We are an innovative financial services organisation seeking a highly skilled Application Security Engineer to join our dynamic team. In this role, you will play a pivotal part in shaping our security strategy, driving the development of secure solutions, and addressing both internal and external threats. You will collaborate with cross-functional teams to design security architectures that protect our infrastructure, applications, and data, ensuring they align with business objectives.
Key Responsibilities:
1. Security Strategy Leadership: Lead the development and implementation of security plans and roadmaps, ensuring adherence to best practices in security architecture and aligning with business goals.
2. Comprehensive Security Design: Develop, implement, and manage secure solutions as part of enterprise-wide projects, protecting infrastructure, applications, and data.
3. Risk Management: Identify vulnerabilities, assess risks, and implement mitigative strategies to safeguard assets.
4. Collaboration: Partner with stakeholders and cross-functional teams to design security solutions that meet both business and security requirements.
5. Incident Monitoring and Response: Analyse security incidents and design proactive solutions to mitigate emerging threats.
6. Security Awareness: Establish and lead security training programs, upskilling IT and development teams on best practices and emerging trends.
7. Mentorship and Leadership: Serve as a subject matter expert, mentoring team members and boosting the organisation's security capabilities through knowledge-sharing and training initiatives.
8. Community Engagement: Actively participate in the organisation's architecture community, offering insights and best practices to improve overall security outcomes.
Skills and Qualifications:
1. Security Architecture Expertise: Proven experience in Security Architecture and Application Security, with a deep understanding of cybersecurity frameworks and security standards (e.g., NIST, ISO 27001).
2. Technical Proficiency: Strong hands-on experience with network security, identity and access management, data encryption, incident response, and security in cloud environments (AWS, Azure, GCP). Familiarity with SIEM tools and threat intelligence is essential.
3. Agile/DevSecOps: Experience working within Agile and DevSecOps frameworks, integrating security into the development lifecycle.
4. Cloud Security: Familiarity with cloud security standards and securing cloud-based applications, especially in a DevSecOps environment.
5. Salesforce Experience (Desirable): Knowledge of Salesforce Financial Services Cloud and Salesforce OmniStudio is a strong plus.
6. Certifications: Industry certifications such as CISSP, CISM, or equivalent are preferred.
7. Communication and Collaboration: Strong collaboration and stakeholder management skills, with the ability to align security solutions with business objectives.
#J-18808-Ljbffr