Security Engineer

Security Engineer


Security Engineer

Security Engineers will play a key role in implementing and championing client’sSecurity By Design agenda, to minimise application security risks and avoid security deployment errors. Security Engineers will implement security architecture blueprints / patterns and standards and secure engineering principles, and will oversee and support the implementation of secure coding and development practices throughout SuperTribes.

Key Responsibilities

  • Champions Security by Design in Engineering
  • Develops and maintains own supertribe’s secure coding standards
  • Implements security architectures, design principles, best practice security engineering methods
  • Works with other developers / engineers to ensure security is built into active development design; establishing security requirements, completing and reviewing threat models
  • Performs security testing and validation to create and maintain secure products and cloud solutions
  • Self-assesses and manages operational conformity
  • Provides security design advice to commercial and product teams, ensuring that security requirements are established for the development of new and enhanced services.

Key Skills Required

  • Strong technical background, with a firm understanding of enterprise systems
  • Good understanding of SDLC and modern development methodologies
  • Strong knowledge and experience of relevant coding language/s
  • Good cryptography implementation expertise
  • Working knowledge of common security architectures (e.g. TOGAF, SABSA, OSA) and security architecture standards
  • In depth understanding of security threats, attack patterns, common and emerging security vulnerabilities and how they manifest themselves in different types of environments and applications
  • Strong knowledge of OWASP Top 10, NIST/ CSC, CIS, SANS Top 25 etc.
  • Understands the legal and regulatory environment within which the business operates and has knowledge of relevant security related legal and regulatory requirements
  • Threat modelling experience
  • Strong communication skills
  • Basic knowledge of information security risk management methodologies and best practices.

Person Specification

  • Inquisitive mind, critical thinker, excellent problem solving skills
  • Strong attention to detail
  • Tenacious nature, works well under pressure
  • Is practical, able to apply theoretical / academic principles in a practical, consumable manner
  • Fast learner – committed to continual learning, willing to expand skill set and rapidly understand new technologies
  • Creative and pragmatic, always seeking to achieve the best achievable outcome
  • Works in a collaborative way, respects the views and ideas of others
  • Works in a straight-forward and inclusive way and is non-political
  • Is tenacious, in the pursuit to delight our users.
  • Strives for excellence in all they do and always look to improve our service and product
  • Regularly seeks to turn ideas into action and injects creativity into every touch point
  • Questions common practice to challenge the norm
  • Has a can-do attitude and a positive viewpoint
  • Takes ownership and always delivers against what is agreed.


And Experience

  • High level information security, engineering and architecture knowledge and experience (5+ years)
  • Relevant security architecture professional qualification, such as CRISC, CSX-P, SCP, CAP, CCSLP or other equivalent qualification
  • Membership relevant professional body / industry group
  • Previous experience of secure engineering and testing.

Apply for this Job

Please enter your full name.

Enter a valid email address.

Upload your CV to accompany your application for this job.

Fields marked with * are required.