Kainos

Senior Security Engineer

Kainos

full-time

Posted on:

Location Type: Remote

Location: United Kingdom

Visit company website

Explore more

AI Apply
Apply

Job Level

Senior

Tech Stack

AnsibleAWSAzureCloudCyber SecurityJavaJavaScript.NETPythonTerraform

About the role

  • Daily collaboration with the application development and cloud platform teams to plan and prioritise security requirements as part of the secure software development lifecycle (SSDLC)
  • Recommending security best practices for cloud platforms and automating compliance with cloud security baselines (e.g. CIS Benchmarks)
  • Implementation of automated security tooling (e.g. within a Continuous Integration (CI) pipeline) to validate security requirements and identify potential issues
  • Working with external organisations to plan, scope and facilitate penetration tests
  • Reviewing the outputs from security tools and security practices
  • Filtering and prioritising these into security stories that can be understood and actioned by the delivery teams
  • Verifying the implementation of security principles, architectural patterns, and requirements
  • Driving the adoption of cyber security practices (e.g. vulnerability management, threat modelling etc.) within Agile delivery teams.
  • Coaching and developing more junior members of the team.

Requirements

  • Experience of implementing application security or Cloud platform security
  • AI Security Engineer experience
  • A detailed understanding of web application security
  • An understanding of modern cryptography and its application for encryption in-transit, encryption at-rest, hashing and digital signatures
  • An understanding of security practices such as threat modelling, vulnerability management, application security testing, and penetration testing
  • Experience of integrating application security tools (e.g. static analysis, dynamic analysis etc.) into the SSDLC
  • Experience of using modern version control systems (e.g. git) and either a scripting language (e.g. Bash, Powershell etc.), or a programming language (e.g. Python, Java, .NET, JS etc.), or an Infrastructure as Code language (e.g. Terraform, ARM Templates, Ansible etc.) to automate tasks
  • The ability to convey security issues to technical and non-technical people
  • An industry recognised qualification in Cyber Security is desirable
  • Experience in at least one industry vertical from Commercial, Public Sector or Defence is desirable
  • AWS or Azure mid-level certifications are desirable
  • Participation in the cyber security community (e.g. OWASP, HackTheBox, CTFs etc.) is desirable
  • Experience working with agile software development methodologies (e.g. Scrum or Kanban) is desirable.
Benefits
  • Health insurance
  • Professional development opportunities
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
application securitycloud platform securityweb application securitycryptographythreat modellingvulnerability managementapplication security testingpenetration testingstatic analysisdynamic analysis
Soft Skills
collaborationcoachingcommunicationprioritizationproblem-solving
Certifications
Cyber Security qualificationAWS certificationAzure certification