Senior Security Engineer
Remote - occasional travel into London (need to be based in the UK)
Up to 85,000 BOE + 9% bonus
We are looking for a highly skilled and experienced Senior Security Engineer to join a dynamic and growing team for a leading SaaS technology company focused on helping businesses engage in more meaningful customer conversations.
About you
You will play a crucial role in securing the organisations infrastructure, systems, and data against cyber threats. As a Senior Security Engineer, you will be responsible for designing, innovating, deploying, and maintaining security measures to safeguard their information assets.
What you will be doing
-You will be securing the existing infrastructure/ application architecture.
-You will act as a advocate for infrastructure/ application Security Design.
-You will be collaborating within cross-functional teams to lead security system design and deployment. (DevSecOps approach).
-You will be reviewing new technologies and methodologies and introducing integration opportunities (where feasible).
-You will be undertaking internal pen testing and creation of external penetration testing scopes.
-You will be enhancing security detection and incident response efforts/ playbooks.
-You will be monitoring, remediating, and reporting on security events.
-You will be Security incident Manager (SIM).
-You will vulnerability configure and scan reviews & improvements
-You will ensure asset management across tools is accurate.
-You will review security codes and security approvals.
-You will be supporting the Security & GRC teams in activities for certification requirements.
-You will conduct identity and access management improvements
-You will mentor junior team members to help them grow in the role.
What we are looking for
-A minimum of 5+ years hands-on, proven industry experience in a similar role.
-You will have worked on a variety of challenging projects, with multiple security tools & be confident working with internal stakeholders to make sure the organization is compliant with PCI DSS, ISO/IEC 27001, SOC & HIPAA & IRAP controls.
-You have an in-depth knowledge of security principles, technologies, and best practices, threat detection and mitigation strategies.
-Strong understanding of network protocols & practices, firewalls, intrusion detection/prevention systems and WAFs.
-Mature understanding/ experience with cloud security architecture (AWS, Azure) with a proven track record and work ethic that covers many platforms (Windows/ Linux), to ensure optimal security posture.
-Skills in leveraging application monitoring tools- AWS monitoring/alert tools (CloudTrail, Guardduty), Qualys tools and SIEM experience, to detect and respond to security events/ incidents.
-Demonstrable experience of managing security solutions (secure Code Scanning, SIEM, IPS, IDS, Vulnerability Scanning, Penetration Testing,) directly, or through an MSSP, in a cloud-based environment.
-Proven track record of ensuring data confidentiality, integrity, and availability throughout its lifecycle - during transmission, storage, and processing.
-Knowledge of security compliance standards relevant to the SaaS industry, such as PCI, GDPR, ISO 27001, SOC2, NIST.
-Proficiency in scripting and programming languages (e.g., Java, .Net, PowerShell, Windows Shell Script).
-A proactive approach to staying updated with the latest security threats, vulnerabilities, and mitigation techniques.
-Industry certifications such as CISSP, CISM, CEH, ECSA, LPT, OSCP, AWS certified security, or equivalent are highly desirable.
What we are offering
-Extensive Health Insurance, Income Protection, Life Assurance, Subsidised Gym Membership, Leisure Travel Insurance, Pension Contribution and a Cycle2Work scheme, as well as 25 days’ holiday allowance.
To apply
Please apply or share your CV to: weronika.majchrzak@identifiglobal.com