My client, an exciting and innovative software house with a world-renowned Digital Experience platform, is seeking a Staff Security Engineer/Security Architect to join their team.
Security is in the foundation of over 9,000 customers’ trust in my client. In this role, you will help lead their security program, which ensures security is baked into all of the products and infrastructure built by my client.
The responsibilities of this role are a blend of security architecture, security engineering, software engineering and project management. If you’re a senior level security engineer/architect looking to get into a leadership position, this is a great opportunity for you to have impact across a global engineering organization and build a world-class security program.
This is a remote role; however, you will be required to come to my client’s UK HQ, based in London, once every few weeks.
- Help lead the software security program for my client – ensure that security is baked into everything we build at every step of the software development lifecycle
- Maintain our software security awareness program and ensure 100% of engineers stay informed annually of top security risks and best practices
- Create security policy, standards, procedures and guidelines for engineering
- Perform security reviews of product designs and technical designs
- Measure and grow security maturity across the business
- Assist in the triage of security issues and provide recommended fixes
- Work across teams to facilitate independent security assessments and penetration tests
- Evaluate new tools, processes, and frameworks; drive adoption of the best ones
- Maintain a high-level view of security posture and gaps, with a focus on driving down risk in critical areas.
- Software engineering, or cloud engineering background at a SaaS company. You may not be coding often, but you will need to be comfortable reviewing and discussing code with a diverse set of engineers
- Familiarity with cloud security, particularly AWS and Azure Security concepts. You will be collaborating with the Reliability Engineering organization to bake AWS, Azure and GCP security best practices into our infrastructure.
- Experience with security activities throughout the software development lifecycle: design reviews, threat modelling, code reviews, tooling, penetration testing, incident response. You will act as the Security Partner for one or more Engineering teams to facilitate these practices.
- Able to influence without authority and have excellent teamwork skills
- Implementing software security programs like the Security Development Lifecycle at a SaaS company
- Must be proficient in at least one programming language (Go, Java, Python, C# .NET, R etc.) – fairly open to which language
- An understanding of common application security problem spaces, and frameworks to mitigate or remediate
- Thorough knowledge of OWASP Top 10
- Deep knowledge of cloud security concepts and applications