Security Engineer

Client of 6 Pence

Role Overview:

• We are looking for a skilled and proactive Security Engineer to design, implement, and maintain security systems and controls across our infrastructure, applications, and cloud environments.
• You will work cross-functionally with engineering, DevOps, and compliance teams to embed security into every layer of the organization.

Duties & Responsibilities:

Application Security:

• Perform secure code reviews and static/dynamic application security testing (SAST/DAST)
• Integrate security testing into CI/CD pipelines (shift-left security)
• Identify and remediate OWASP Top 10 vulnerabilities
• Conduct threat modeling for new features and architectures
• Work with developers to establish secure coding standards and guidelines

Cloud & Infrastructure Security:

• Design and enforce security controls across AWS environments
• Implement and monitor Cloud Security Posture Management (CSPM) using tools like Prowler, Wiz, or Prisma Cloud
• Manage IAM policies, least privilege access, and role-based access control (RBAC)
• Harden OS, container, and Kubernetes configurations
• Perform vulnerability scanning of cloud workloads and container images (Trivy, Qualys etc.)

Detection & Response:

• Build and tune detection rules in SIEM platforms (Splunk, Elastic, LogRhythm)
• Investigate security alerts, triage incidents, and lead incident response activities
• Conduct forensic analysis on endpoints, logs, and cloud resources
• Develop and maintain incident response playbooks.

Network Security:

• Design and maintain firewall rules, VPC security groups, and network segmentation
• Monitor network traffic for anomalies and potential threats
• Implement and manage VPN, zero trust network access (ZTNA), and WAF solutions

Vulnerability Management:

• Run regular vulnerability assessments across infrastructure and applications
• Prioritize and track remediation of findings in collaboration with engineering teams
• Manage and report on the organization's attack surface
• Coordinate penetration testing with internal red teams or external vendors

Security Automation & Tooling:

• Build security automation scripts and tooling (Python, Bash, Go)
• Integrate security tools into DevSecOps workflows
• Manage security tool stack including EDR, SIEM, SOAR, secrets management (HashiCorp Vault, AWS Secrets Manager)
• Develop dashboards and metrics for security visibility

Governance, Risk & Compliance (GRC) Support:

• Support compliance audits (SOC 2, ISO 27001, PCI-DSS,)
• Assist in developing and maintaining security policies and procedures
• Contribute to risk assessments and security awareness programs