Application Security Engineer
Rate: £550-£700 per day (Outside IR35)
Location: Bristol (Remote, with occasional office presence once a month)
Job Type: 6-month contract
We are an innovative financial services organisation seeking a highly skilled Application Security Engineer to join our dynamic team. In this role, you will play a pivotal part in shaping our security strategy, driving the development of secure solutions, and addressing both internal and external threats. You will collaborate with cross-functional teams to design security architectures that protect our infrastructure, applications, and data, ensuring they align with business objectives.
Key Responsibilities:
- Security Strategy Leadership: Lead the development and implementation of security plans and roadmaps, ensuring adherence to best practices in security architecture and aligning with business goals.
- Comprehensive Security Design: Develop, implement, and manage secure solutions as part of enterprise-wide projects, protecting infrastructure, applications, and data.
- Risk Management: Identify vulnerabilities, assess risks, and implement mitigative strategies to safeguard assets.
- Collaboration: Partner with stakeholders and cross-functional teams to design security solutions that meet both business and security requirements.
- Incident Monitoring and Response: Analyse security incidents and design proactive solutions to mitigate emerging threats.
- Security Awareness: Establish and lead security training programs, upskilling IT and development teams on best practices and emerging trends.
- Mentorship and Leadership: Serve as a subject matter expert, mentoring team members and boosting the organisation's security capabilities through knowledge-sharing and training initiatives.
- Community Engagement: Actively participate in the organisation's architecture community, offering insights and best practices to improve overall security outcomes.
Skills and Qualifications:
- Security Architecture Expertise: Proven experience in Security Architecture and Application Security, with a deep understanding of cybersecurity frameworks and security standards (e.g., NIST, ISO 27001).
- Technical Proficiency: Strong hands-on experience with network security, identity and access management, data encryption, incident response, and security in cloud environments (AWS, Azure, GCP). Familiarity with SIEM tools and threat intelligence is essential.
- Agile/DevSecOps: Experience working within Agile and DevSecOps frameworks, integrating security into the development lifecycle.
- Cloud Security: Familiarity with cloud security standards and securing cloud-based applications, especially in a DevSecOps environment.
- Salesforce Experience (Desirable): Knowledge of Salesforce Financial Services Cloud and Salesforce OmniStudio is a strong plus.
- Certifications: Industry certifications such as CISSP, CISM, or equivalent are preferred.
- Communication and Collaboration: Strong collaboration and stakeholder management skills, with the ability to align security solutions with business objectives.