Senior Security Engineer

Senior Security EngineerRemote - occasional travel into London (need to be based in the UK)Up to 85,000 BOE + 9% bonus We are looking for a highly skilled and experienced Senior Security Engineer to join a dynamic and growing team for a leading SaaS technology company focused on helping businesses engage in more meaningful customer conversations.About youYou will play a crucial role in securing the organisations infrastructure, systems, and data against cyber threats. As a Senior Security Engineer, you will be responsible for designing, innovating, deploying, and maintaining security measures to safeguard their information assets.What you will be doing-You will be securing the existing infrastructure/ application architecture.-You will act as a advocate for infrastructure/ application Security Design.-You will be collaborating within cross-functional teams to lead security system design and deployment. (DevSecOps approach).-You will be reviewing new technologies and methodologies and introducing integration opportunities (where feasible).-You will be undertaking internal pen testing and creation of external penetration testing scopes.-You will be enhancing security detection and incident response efforts/ playbooks.-You will be monitoring, remediating, and reporting on security events.-You will be Security incident Manager (SIM).-You will vulnerability configure and scan reviews & improvements-You will ensure asset management across tools is accurate.-You will review security codes and security approvals.-You will be supporting the Security & GRC teams in activities for certification requirements.-You will conduct identity and access management improvements-You will mentor junior team members to help them grow in the role.What we are looking for-A minimum of 5+ years hands-on, proven industry experience in a similar role.-You will have worked on a variety of challenging projects, with multiple security tools & be confident working with internal stakeholders to make sure the organization is compliant with PCI DSS, ISO/IEC 27001, SOC & HIPAA & IRAP controls.-You have an in-depth knowledge of security principles, technologies, and best practices, threat detection and mitigation strategies.-Strong understanding of network protocols & practices, firewalls, intrusion detection/prevention systems and WAFs.-Mature understanding/ experience with cloud security architecture (AWS, Azure) with a proven track record and work ethic that covers many platforms (Windows/ Linux), to ensure optimal security posture.-Skills in leveraging application monitoring tools- AWS monitoring/alert tools (CloudTrail, Guardduty), Qualys tools and SIEM experience, to detect and respond to security events/ incidents.-Demonstrable experience of managing security solutions (secure Code Scanning, SIEM, IPS, IDS, Vulnerability Scanning, Penetration Testing,) directly, or through an MSSP, in a cloud-based environment.-Proven track record of ensuring data confidentiality, integrity, and availability throughout its lifecycle - during transmission, storage, and processing.-Knowledge of security compliance standards relevant to the SaaS industry, such as PCI, GDPR, ISO 27001, SOC2, NIST.-Proficiency in scripting and programming languages (e.g., Java, .Net, PowerShell, Windows Shell Script).-A proactive approach to staying updated with the latest security threats, vulnerabilities, and mitigation techniques.-Industry certifications such as CISSP, CISM, CEH, ECSA, LPT, OSCP, AWS certified security, or equivalent are highly desirable.What we are offering-Extensive Health Insurance, Income Protection, Life Assurance, Subsidised Gym Membership, Leisure Travel Insurance, Pension Contribution and a Cycle2Work scheme, as well as 25 days’ holiday allowance.To applyPlease apply or share your CV to: #####