Lead Application Security Engineer – Elliott James
Project detail
A leading global investment management firm are seeking a talented DevSecOps Engineer to join their elite Technology team. This is your chance to champion a security-first culture and protect the integrity of our world-class platform.
The Role:
In this pivotal role, you will work at the intersection of development, operations, and security. You’ll be instrumental in designing, implementing, and managing a robust DevSecOps framework, seamlessly integrating cutting-edge security tools and practices into our CI/CD workflows. Your work will be critical in empowering our developers and safeguarding our assets.
What You’ll Do:
Design, implement, and manage a comprehensive DevSecOps framework to enhance the developer experience.
Champion a security-first mindset, promoting secure coding practices and providing expert guidance across development teams.
Develop security-focused policies, standards, and training programmes to elevate our security posture.
Create and monitor Key Risk Indicators (KRIs) to measure progress and identify areas for improvement.
Implement and manage security testing tools (SAST, DAST, SCA, OSS) within our CI/CD pipelines.
Automate security controls and compliance checks to ensure adherence to industry best practices and regulatory requirements.
Troubleshoot and resolve complex security issues throughout the software development lifecycle.
Proactively research emerging threats and vulnerabilities to continuously refine our security practices.
What We’re Looking For:
7–10 years of experience in software development, DevOps, or security engineering, with a demonstrable focus on DevSecOps practices.
Expertise in CI/CD tools such as GitHub, Jenkins, GitLab CI/CD, or Azure DevOps.
Proficiency in infrastructure-as-code tools like Terraform or CloudFormation.
Strong scripting and automation skills using Python, Bash, or similar languages.
Hands-on experience with security testing tools such as SonarQube, Snyk, Nessus, or Qualys.
Familiarity with containerisation and orchestration technologies like Docker and Kubernetes.
Solid knowledge of security best practices for cloud environments (AWS, Azure, GCP).
An understanding of security frameworks and standards such as NIST CSF, ISO 27001, or SOC 2.
Excellent communication and collaboration skills, with the ability to thrive in a fast-paced, agile environment.
An unwavering commitment to the highest ethical standards.
Why Join Us?
This is a unique opportunity to make a tangible impact within a world-class technology organisation that prioritises innovation and integrity. We offer a highly competitive compensation and benefits package, significant opportunities for professional development, and the chance to collaborate with some of the brightest minds in the industry.
More than 06 months
Medium Level