Senior Application Security Engineer

Senior Application Security Engineer

  • Location

    United Kingdom

  • Sector:

    FinTech

  • Job type:

    Permanent

  • Contact:

    Amit Patel

  • Contact email:

    amit.patel@cloudstreamglobal.com

  • Job ref:

    JN -102018-91047

  • Published:

    about 2 months ago

  • Expiry date:

    2018-11-21

  • Startdate:

    2019-01-03

  • Consultant:

    #

Location: London (Central)

Salary: Depending on experience

The role

An amazing opportunity with a Tier 1 Investment bank based in London who is seeking a highly experienced Senior IT Security Engineer to take a lead role in defining the direction of IT security management, and to partner with Technology Infrastructure, Development, and Operations groups in developing and implementing appropriate IT security policies and procedures

Responsibilities:

  •  as senior technical/business IT security lead.
  • Participate in and coordinate the development, authoring, implementation, and administration of high-level security policies, practices, standards and programs.
  • Participate as a key member of Technology team by providing pertinent security information and input to strategic and tactical planning  
  • Work with Systems, Application, and Network teams to review/define security templates for hardening systems. 
  • Deliver to senior Technology Management prioritized recommendations for improving application and infrastructure security.

Essential Skills:

  • Experience in designing and delivering security solutions, including the implementation of security features.
  • Confidence in supporting the project team with application security architecture.
  • Demonstrable experience in Software Development Lifecycle.
  • Solid grasp of programming concepts, fundamentals, and industry best practices
  • Web application programming experience.
  • Able to speak with confidence on Application Security and be undaunted by any audience.
  • A background in technical IT roles such as IT architecture, development or operations, with a clear and abiding interest in information security;
  • Demonstratable experience / competence in one of the following sub-domains (Data security, API security, Enterprise application security and Secure application security).  
  • Strong communication (written and oral) and interpersonal skills;
  • Prior Software development experience in one or more languages (Java / C# / C++)
  • Understanding of large-scale development life cycles and experience working and integrating with it (Source Code Repositories, Build Systems, Bug Tracking Tools).
  • Proven

Bonus Points for:

  • Good experience and knowledge of security architecture areas like OAUTH, APIs and key rotation.
  • Knowledge of OWASP.
  • Functional and Non-Functional testing experience.
  • Defensive programming knowledge.

Education / Qualification

  • Applicable Degree - Computer Science, Cyber Security,
  • Relevant Security qualifications: CISSP, CISM, CEH, CISA etc