Application Security Architect

Recruiter
Woolf Group
Location
London
Salary
Competitive
Posted
07 Oct 2024
Closes
21 Oct 2024
Employer Sector
Technology, IT & Telecoms
Contract Type
Permanent
Hours
Full Time

We are working with a fund who are number one in their specialist area and currently rebuilding their entire pricing & risk management platform from scratch.

Responsibilities:

  • Become an integral part of our Security Engineering team, where you'll be directly involved in designing, implementing, and maintaining key security services.
  • We are hands–on partners, actively working with stakeholders to create secure, intuitive solutions–going beyond mere advisory roles.
  • Leverage your extensive experience with major cloud platforms (IaaS, PaaS, Event–driven/Serverless, SaaS) on AWS and/or Azure.
  • Collaborate closely with engineering teams to ensure secure product and service delivery, assess design concepts, and scrutinize system architectures.
  • Craft secure design patterns and provide actionable guidance to minimize risks through strategic architecture decisions.
  • Conduct security architecture assessments on critical processes and systems, partnering with teams throughout the development lifecycle.
  • Use threat modeling to effectively demonstrate the significance and impact of security measures.
  • Implement security best practices by developing policy–as–code, templates, and modules that enforce secure designs.
  • Utilize Infrastructure as Code, Containers, and CI/CD methodologies to strengthen security practices.
  • Clearly communicate the importance of security controls, balancing their benefits against any potential operational impacts.
  • Work closely with developers, providing support with secure development tools and practices.

Required:

  • Over 5 years of hands–on technical experience.
  • Proven background as a Security Engineer or Software Engineer.
  • Exceptional communication skills
  • In–depth understanding of current security threats, threat actors, and the tactics and techniques they use.
  • Extensive experience with cloud and cloud–native technologies.