At a Glance
- Tasks: Lead security testing and engineering across diverse platforms, ensuring robust security practices.
- Company: Dynamic tech company focused on innovative security solutions.
- Benefits: Hybrid/remote work, 35 days annual leave, enhanced pension, and private health.
- Other info: Join a collaborative team with opportunities for professional growth and development.
- Why this job: Make a real impact in security while mentoring the next generation of engineers.
- Qualifications: Expertise in web application security and hands-on testing experience required.
The predicted salary is between £60,000 and £80,000 per year.
A senior technical role leading security engineering and testing across a growing portfolio of platforms and services.
The Role
You will lead security engineering and testing efforts, setting direction on methodology, tooling, and engagement scoping. Working alongside agile delivery teams, you will embed good security practice throughout the software development lifecycle and help grow the skills of more junior engineers.
Day-to-day
- Lead security testing engagements, including penetration tests on web applications, networks, and infrastructure.
- Define and evolve our security testing methodology, outputs, and tool selection.
- Conduct source code reviews and embed security into CI/CD pipelines.
- Coach and develop a small team, supporting performance and career growth.
- Advise customers and colleagues on security best practice, translating complexity for varied audiences.
Experience
- Expertise securing web applications and cloud platforms (AWS or Azure).
- Hands-on experience with manual and automated security testing tools.
- Strong knowledge of security standards such as NCSC, NIST, OWASP ASVS, GDPR, and PCI.
- Familiarity with common attack vectors including OWASP Top 10, XSS, SQL injection, and MITM.
- Experience in Continuous Security, CI, and CD practices.
- Proven ability to mentor and develop team members.
- Scripting or programming experience across Windows, Linux, or macOS.
Desirable
- Penetration testing qualification such as OSCP, CREST, or TIGER.
- Experience with tools including Burp Suite, OWASP-ZAP, Nmap, Nessus, or Metasploit.
- Background working in agile delivery environments.
- Active involvement in the security community.
Package
- Share options
- Hybrid/Remote working - Belfast
- 35 days annual leave inc stat
- Enhanced pension scheme
- Private health
Please apply now if you meet the above criteria, or contact Andrew Harrison directly.
Lead Security Engineer in Belfast employer: Ocho People
As a Lead Security Engineer, you will thrive in a dynamic and supportive environment that prioritises employee growth and development. With a strong emphasis on collaboration and innovation, our company offers hybrid working options in Belfast, 35 days of annual leave, and an enhanced pension scheme, ensuring a healthy work-life balance. Join us to not only lead security initiatives but also to mentor the next generation of engineers while being part of a vibrant security community.
StudySmarter Expert Advice🤫
We think this is how you could land the Lead Security Engineer role in Belfast
✨Tip Number 1
Network like a pro! Reach out to your connections in the security field, attend meetups, and engage in online forums. The more people you know, the better your chances of landing that Lead Security Engineer role.
✨Tip Number 2
Show off your skills! Create a portfolio showcasing your security testing projects, methodologies, and any cool tools you've developed or used. This will give potential employers a taste of what you can bring to the table.
✨Tip Number 3
Prepare for interviews by brushing up on common security challenges and solutions. Be ready to discuss your experience with OWASP Top 10 and how you've tackled vulnerabilities in past roles. Confidence is key!
✨Tip Number 4
Don't forget to apply through our website! We love seeing applications directly from candidates who are passionate about security. Plus, it gives us a chance to see your enthusiasm right from the start.
Some tips for your application 🫡
Tailor Your CV: Make sure your CV reflects the skills and experiences that match the Lead Security Engineer role. Highlight your expertise in securing web applications and cloud platforms, as well as any relevant security testing tools you've used.
Craft a Compelling Cover Letter: Use your cover letter to tell us why you're passionate about security engineering. Share specific examples of how you've led security testing engagements or coached junior engineers, and don't forget to mention your familiarity with security standards!
Show Off Your Technical Skills: In your application, be sure to showcase your hands-on experience with manual and automated security testing tools. Mention any penetration testing qualifications you have, like OSCP or CREST, to really stand out!
Apply Through Our Website: We encourage you to apply directly through our website for the best chance of getting noticed. It's the easiest way for us to keep track of your application and ensure it reaches the right people!
How to prepare for a job interview at Ocho People
✨Know Your Stuff
Make sure you brush up on your knowledge of security standards like NCSC, NIST, and OWASP ASVS. Be ready to discuss how you've applied these in real-world scenarios, especially when it comes to securing web applications and cloud platforms like AWS or Azure.
✨Show Off Your Tools
Familiarise yourself with the manual and automated security testing tools mentioned in the job description, such as Burp Suite and OWASP-ZAP. Be prepared to talk about your hands-on experience with these tools and how you've used them in past projects.
✨Demonstrate Your Coaching Skills
Since this role involves mentoring junior engineers, think of examples where you've successfully coached or developed team members. Highlight your approach to performance management and how you’ve helped others grow in their careers.
✨Engage with Real-World Scenarios
Prepare for situational questions by thinking through common attack vectors like XSS and SQL injection. Be ready to explain how you would handle these scenarios in a practical setting, showcasing your problem-solving skills and security mindset.