Security Engineer
Role details
Job location
Tech stack
Job description
National Gas is securing Britain's energy. We transport gas throughout Great Britain, repair and maintain gas pipelines, and manage the meters that allow millions of homes and businesses to access the energy they need. We are the national gas network, providing secure energy to power Britain, achieve net zero, and maintain our industrial competitiveness., As our Application Security Engineer, you'll be responsible for identifying security risks, improving security controls and supporting the secure delivery of applications and cloud services across the organisation. You'll act as a subject matter expert, helping teams adopt secure-by-design principles and modern application security practices., * Leading application security assessments and reviews to identify vulnerabilities and areas for improvement.
- Working with project and development teams to securely design, build and deploy solutions in cloud environments.
- Supporting the identification, prioritisation and remediation of application and cloud security vulnerabilities.
- Integrating security tooling into development pipelines and promoting a "shift-left" approach to security.
- Helping manage risks associated with third-party libraries, open-source components, packages and build artefacts.
- Using and supporting application security testing tools, including SAST, DAST and Infrastructure-as-Code security tools.
- Managing and enhancing security technologies such as cloud security platforms, web application firewalls and monitoring solutions.
- Automating security processes to improve efficiency, visibility and protection.
- Supporting incident response activities, investigations and root cause analysis.
- Collaborating with Security Architecture, Identity and Access Management and Governance, Risk & Compliance teams to drive continuous improvement.
Please note: As the team evolves, this role may be required to participate in a 24/7 standby/on-call rota to support business continuity, respond to critical security incidents and help maintain the resilience of our technology and operational environments.
Requirements
We're looking for someone with strong technical security expertise and a passion for improving application security in complex environments.
You'll ideally have:
- Experience working in a cyber security, application security or security engineering role.
- Strong software development or scripting skills, with experience in languages such as Java, C#, Python or JavaScript.
- Hands-on experience using application security testing tools and technologies.
- Experience securing cloud environments, particularly Microsoft Azure and/or Google Cloud Platform (GCP).
- Knowledge of security frameworks and standards such as OWASP, ISO 27001 and NIST.
- Experience using Microsoft Defender for Endpoint (MDE) and Cortex XDR.
- Strong analytical and problem-solving skills with the ability to assess and manage technical risk.
- Excellent communication and stakeholder management skills, with the ability to influence technical and non-technical audiences.
- A degree in Computer Science, Information Security or a related discipline, or equivalent practical experience., The successful candidate must be able to achieve and maintain Security Check (SC) security clearance for this role.
Benefits & conditions
Pulled from the full job description
- Employee assistance programme
- Private dental insurance
- Company pension
- Private medical insurance, * Salary from £55,000 to £60,000 (dependent on experience)
- Annual bonus of 6% based on personal and company performance
- 26 days' holiday plus 8 statutory holidays - plus option to buy 5 additional days
- Double-match pension scheme - for every £1 you put in, we'll add £2 (max company contribution 12%)
- Opt-In flexible benefit scheme, including salary sacrifice private healthcare, dental insurance, technology plans and more
- Financial protection with 10x salary death in service and financial support if you're unable to work due to long term illness or injury
- Excellent family friendly provisions - maternity/paternity/adoption/surrogacy/ shared parental leave
- Career progression, professional training and development
- Employee assistance programme offering free confidential professional counselling 24/7
- Financial support to cover the cost of professional membership subscriptions, and study support