Location: London (Central)
Salary: Depending on experience
An amazing opportunity with a Tier 1 Investment bank based in London who is seeking a highly experienced Senior IT Security Engineer to take a lead role in defining the direction of IT security management, and to partner with Technology Infrastructure, Development, and Operations groups in developing and implementing appropriate IT security policies and procedures
- as senior technical/business IT security lead.
- Participate in and coordinate the development, authoring, implementation, and administration of high-level security policies, practices, standards and programs.
- Participate as a key member of Technology team by providing pertinent security information and input to strategic and tactical planning
- Work with Systems, Application, and Network teams to review/define security templates for hardening systems.
- Deliver to senior Technology Management prioritized recommendations for improving application and infrastructure security.
- Experience in designing and delivering security solutions, including the implementation of security features.
- Confidence in supporting the project team with application security architecture.
- Demonstrable experience in Software Development Lifecycle.
- Solid grasp of programming concepts, fundamentals, and industry best practices
- Web application programming experience.
- Able to speak with confidence on Application Security and be undaunted by any audience.
- A background in technical IT roles such as IT architecture, development or operations, with a clear and abiding interest in information security;
- Demonstratable experience / competence in one of the following sub-domains (Data security, API security, Enterprise application security and Secure application security).
- Strong communication (written and oral) and interpersonal skills;
- Prior Software development experience in one or more languages (Java / C# / C++)
- Understanding of large-scale development life cycles and experience working and integrating with it (Source Code Repositories, Build Systems, Bug Tracking Tools).
Bonus Points for:
- Good experience and knowledge of security architecture areas like OAUTH, APIs and key rotation.
- Knowledge of OWASP.
- Functional and Non-Functional testing experience.
- Defensive programming knowledge.
Education / Qualification
- Applicable Degree - Computer Science, Cyber Security,
- Relevant Security qualifications: CISSP, CISM, CEH, CISA etc