The following job is no longer available:
Security Engineer (Threat Modelling)
Security Engineer (Threat Modelling)
Security Engineer (Threat Modelling)
Posted 17 days ago
- Swindon, Wiltshire
- Any
- External
- Expired - 2 months ago
Job Description
It's easy to misunderstand what Nationwide is like. Why? Because we're not like a bank. We're not like other financial services companies either. As a Senior Security Engineer here, you'll sit within Security Engineering within Nationwide’s Chief Operating Office, assisting a wide range of delivery teams in engineering secure solutions and protecting our member's money and data.
We believe security is a systemic concern; therefore, security problems should be solved by a systemic approach (take a look at our tenets here if you are interested to learn more about our vision). We will have regular forums in which we consult with other security engineers within the team, looking at the problems from each of our specialities' perspectives.
At Nationwide we offer hybrid working wherever possible. More rewarding relationships are supported through our hybrid approach, bringing colleagues together across our UK wide estate, whilst also supporting generous access to home working. We value our time in the office to solve problems, to learn, and to feel connected.
For this job you'll spend at least two days per week, or if part time you'll spend 40% of your working time, at one of our offices. If your application is successful, your hiring manager will provide further details on how this works. You can also find out more about our approach to hybrid working here.
This role can be based out of our Swindon, Nationwide office or our London, Threadneedle street office.
As a security engineer, you will work cross-functionally to assess risk and help deliver countermeasures that protect our member's data. You will work will engineering teams to create solutions that solve or remediate security problems. This will involve a range of activities, including (but not limited to) threat modelling, selection and configuration of DevSecOps tools, high-level and detailed security designs.
We are looking for a Security Engineer with experience in design and implementing cloud native applications in the cloud.
You should have demonstrable experience in:
Threat modelling, design and implementing security controls in the cloud environment (AWS or Azure)
Design and implementing cloud native and hybrid solutions in major public cloud platforms.
Understanding of cryptographic primitives and protocols and their implementations in the cloud environment
Programming with at least one modern language, an appreciation of software development lifecycle, software delivery methodologies and experience with industry-standard tools and methods for delivering software in an enterprise environment (version control, CI/CD pipeline, etc.)
Experience with Authentication and authorisation, Attribute-Based Access Control (ABAC), Role Based Access Control (RBAC))
Teamwork skills and resourcefulness
It would also be beneficial if you have.
Containerisation and serverless technologies (i.e., Docker, K8s, AWS Lambda) and their security implications
Application perimeter defence (i.e., Web Application Firewalls)
Experience with API gateway and Service Mesh and their security implications (i.e., APIGEE, ISTIO…)
Degree in computer science or related field
Professional certifications in AWS or Azure
Our Customer First behaviours are all about putting customers and members at the heart of how we work together. You can strengthen your application by showing the behaviours that resonate with you, and how you might have already demonstrated these.
Say it straight - This is about being honest and direct with good intent and saying what needs to be said in the room. It’s also about being clear, precise, and using language that we and, importantly, our customers and members can understand.
Push for better - This is about aiming high and constantly looking for better in how we work together and serve our customers and members.
Get it done - This is about prioritising what will have the greatest impact, being decisive and taking accountability for delivering on the end-to-end outcome.
We know applying for jobs can sometimes feel like you’re sending an application into a black hole. We review each application individually. So, it’s a good idea to call out your most relevant experience on your application to give yourself the best chance.
There are all sorts of employee benefits available at Nationwide, including:
A personal pension – if you put in 7% of your salary, we’ll top up by a further 16%
Up to 2 days of paid volunteering a year
Life assurance worth 8x your salary
A great selection of additional benefits through our salary sacrifice scheme
Gympass – Access to a range of free and paid options for health and wellness.
Access to an annual performance related bonus
Access to training to help you develop and progress your career
25 days holiday, pro rata
#J-18808-Ljbffr
It's easy to misunderstand what Nationwide is like. Why? Because we're not like a bank. We're not like other financial services companies either. As a Senior Security Engineer here, you'll sit within Security Engineering within Nationwide’s Chief Operating Office, assisting a wide range of delivery teams in engineering secure solutions and protecting our member's money and data.
We believe security is a systemic concern; therefore, security problems should be solved by a systemic approach (take a look at our tenets here if you are interested to learn more about our vision). We will have regular forums in which we consult with other security engineers within the team, looking at the problems from each of our specialities' perspectives.
At Nationwide we offer hybrid working wherever possible. More rewarding relationships are supported through our hybrid approach, bringing colleagues together across our UK wide estate, whilst also supporting generous access to home working. We value our time in the office to solve problems, to learn, and to feel connected.
For this job you'll spend at least two days per week, or if part time you'll spend 40% of your working time, at one of our offices. If your application is successful, your hiring manager will provide further details on how this works. You can also find out more about our approach to hybrid working here.
This role can be based out of our Swindon, Nationwide office or our London, Threadneedle street office.
As a security engineer, you will work cross-functionally to assess risk and help deliver countermeasures that protect our member's data. You will work will engineering teams to create solutions that solve or remediate security problems. This will involve a range of activities, including (but not limited to) threat modelling, selection and configuration of DevSecOps tools, high-level and detailed security designs.
We are looking for a Security Engineer with experience in design and implementing cloud native applications in the cloud.
You should have demonstrable experience in:
Threat modelling, design and implementing security controls in the cloud environment (AWS or Azure)
Design and implementing cloud native and hybrid solutions in major public cloud platforms.
Understanding of cryptographic primitives and protocols and their implementations in the cloud environment
Programming with at least one modern language, an appreciation of software development lifecycle, software delivery methodologies and experience with industry-standard tools and methods for delivering software in an enterprise environment (version control, CI/CD pipeline, etc.)
Experience with Authentication and authorisation, Attribute-Based Access Control (ABAC), Role Based Access Control (RBAC))
Teamwork skills and resourcefulness
It would also be beneficial if you have.
Containerisation and serverless technologies (i.e., Docker, K8s, AWS Lambda) and their security implications
Application perimeter defence (i.e., Web Application Firewalls)
Experience with API gateway and Service Mesh and their security implications (i.e., APIGEE, ISTIO…)
Degree in computer science or related field
Professional certifications in AWS or Azure
Our Customer First behaviours are all about putting customers and members at the heart of how we work together. You can strengthen your application by showing the behaviours that resonate with you, and how you might have already demonstrated these.
Say it straight - This is about being honest and direct with good intent and saying what needs to be said in the room. It’s also about being clear, precise, and using language that we and, importantly, our customers and members can understand.
Push for better - This is about aiming high and constantly looking for better in how we work together and serve our customers and members.
Get it done - This is about prioritising what will have the greatest impact, being decisive and taking accountability for delivering on the end-to-end outcome.
We know applying for jobs can sometimes feel like you’re sending an application into a black hole. We review each application individually. So, it’s a good idea to call out your most relevant experience on your application to give yourself the best chance.
There are all sorts of employee benefits available at Nationwide, including:
A personal pension – if you put in 7% of your salary, we’ll top up by a further 16%
Up to 2 days of paid volunteering a year
Life assurance worth 8x your salary
A great selection of additional benefits through our salary sacrifice scheme
Gympass – Access to a range of free and paid options for health and wellness.
Access to an annual performance related bonus
Access to training to help you develop and progress your career
25 days holiday, pro rata
#J-18808-Ljbffr
.webp "Apply4U | Sign Up")
.webp "Apply4U | Contact Us")
.webp "Apply4U | Sign up")
