Security Engineer - DevOps Security Engineer
- Location:London, Greater London, England
- Salary: Market related
- Category
- Sector:
- Contract type Contract
Job Title: Senior Security Engineer & Security Engineer
Duration: 6 months (initial)
Location: Remote with occasional visits to Finsbury, London
About the Role:
Join our client and contribute significantly to establishing a robust Security Engineering function. As a Senior Security Engineer or Security Engineer, you’ll be pivotal in fortifying our client’s security posture through the implementation and enhancement of security tooling, bridging gaps in security capabilities, and fostering a culture of security consciousness and best practices.
Responsibilities:
Senior Security Engineer:
- Establish the foundation of the Security Engineering Function.
- Conduct a comprehensive review of the security tooling strategy and provide recommendations for improvement.
- Lead the implementation of security tooling solutions to address identified gaps.
- Collaborate closely with development teams to integrate security capabilities into the CI/CD pipeline.
- Provide training and awareness sessions for developers on the use of security tools.
- Mentor and advocate for a strong security culture across teams.
- Collaborate with Dev community and wider IT staff to ensure alignment with security best practices.
- Provide guidance and support throughout the implementation process.
- Understand Developers role and how you can, from a security point of view, work with them.
Security Engineer:
- Implement security solutions in a hands-on capacity.
- Engage directly with development delivery teams, focusing on short sprints.
- Provide support and coaching to development teams for security remediation tasks.
- Collaborate with the Senior Security Engineer on strategic initiatives and best practices.
Both roles require you to understand the development pipeline and what developers are doing rather than just putting guardrails in place. Being educational and articulate so that developers can understand you is crucial.
Skills & Experience:
- AWS CDK Constructs (mainly used) and Terraform from the lens of security hardening
- Experience with Cloud Infrastructure, specifically AWS.
- Integrating security tools into CI/CD pipelines
- Performing security testing
- SAST and DAST experience and knowledge
- Experience working closely with and articulating to Developers
- Strong background in Security Engineering, including reviewing and implementing security tooling.
- Familiarity with coding languages such as Python, Bash, and GO.
- Excellent scripting skills.