Security Engineer

Stott and May
Edinburgh, United Kingdom
2 days ago

Role details

Contract type
Temporary contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English

Job location

Remote
Edinburgh, United Kingdom

Tech stack

Amazon Web Services (AWS)
Azure
Control Objectives for Information and Related Technology (COBIT)
Computer Security
Identity and Access Management
Network Architecture
Network Protocols
Open Web Application Security
PCI Data Security Standards
Software Engineering
Private Cloud Environment
Google Cloud Platform
Multi-Cloud

Job description

This role is focused on designing and implementing robust security solutions that align with organisational standards and policies. The successful candidate will play a key role in safeguarding systems and data across a range of projects within a complex customer environment.

Working across modern and evolving technology landscapes, including cloud platforms and enterprise systems, the role offers exposure to current security challenges and the opportunity to influence secure design at scale. The position supports delivery within a dynamic industry environment, ensuring that security is embedded throughout solution architecture and implementation., * Design and develop secure solutions and produce comprehensive security design documentation outlining relevant controls

  • Analyse and deconstruct solution and network architectures to identify potential security weaknesses
  • Identify and mitigate threats and vulnerabilities using recognised methodologies such as STRIDE and MITRE frameworks
  • Translate identified threats into business risks, supporting stakeholders in assessing likelihood and impact
  • Communicate technical security concepts clearly to both technical and non-technical stakeholders
  • Present and articulate security designs effectively across project teams and wider business units
  • Evaluate and balance risks and benefits of different security design options
  • Support multiple concurrent projects, ensuring security requirements are consistently met
  • Collaborate with stakeholders to embed security best practices throughout project lifecycles

Requirements

  • Experience designing and implementing security solutions aligned to frameworks such as ISO 27000 series, PCI DSS, COBIT, NIST and OWASP
  • Strong background in risk assessment, threat modelling and implementation of security controls
  • Expertise in identity and access management, including user authentication and authorisation mechanisms
  • Knowledge of encryption, hashing and tokenisation techniques to ensure data protection
  • Understanding of secure software development lifecycle practices and integration of security into CI/CD pipelines
  • Proficiency in network protocols and perimeter security to protect infrastructure and applications
  • Relevant security certifications such as CISSP, CISM, CCSP or equivalent
  • Technical security certifications such as CEH, OSCP or equivalent
  • Experience working with public and private cloud platforms, including multi-cloud environments such as AWS, Azure and GCP
  • Proven ability to manage multiple high-priority security initiatives simultaneously

Apply for this position