At a Glance
- Tasks: Lead security engineering and testing for innovative platforms and services.
- Company: Join a forward-thinking tech company focused on security excellence.
- Benefits: Enjoy hybrid/remote work, 35 days annual leave, and private health benefits.
- Other info: Great opportunity for career growth and mentoring junior engineers.
- Why this job: Make a real impact by embedding security in cutting-edge software development.
- Qualifications: Expertise in web application security and cloud platforms required.
The predicted salary is between 60000 - 80000 £ per year.
A senior technical role leading security engineering and testing across a growing portfolio of platforms and services.
The Role
- Lead security engineering and testing efforts, setting direction on methodology, tooling, and engagement scoping.
- Work alongside agile delivery teams to embed good security practice throughout the software development lifecycle and help grow the skills of more junior engineers.
- Lead security testing engagements, including penetration tests on web applications, networks, and infrastructure.
- Define and evolve our security testing methodology, outputs, and tool selection.
- Conduct source code reviews and embed security into CI/CD pipelines.
- Coach and develop a small team, supporting performance and career growth.
- Advise customers and colleagues on security best practice, translating complexity for varied audiences.
Experience
- Expertise securing web applications and cloud platforms (AWS or Azure).
- Hands-on experience with manual and automated security testing tools.
- Strong knowledge of security standards such as NCSC, NIST, OWASP ASVS, GDPR, and PCI.
- Familiarity with common attack vectors including OWASP Top 10, XSS, SQL injection, and MITM.
- Experience in Continuous Security, CI, and CD practices.
- Proven ability to mentor and develop team members.
- Scripting or programming experience across Windows, Linux, or macOS.
Desirable
- Penetration testing qualification such as OSCP, CREST, or TIGER.
- Experience with tools including Burp Suite, OWASP-ZAP, Nmap, Nessus, or Metasploit.
- Background working in agile delivery environments.
- Active involvement in the security community.
Package
- Share options
- Hybrid/Remote working - Belfast
- 35 days annual leave inc stat
- Enhanced pension scheme
- Private health
Please apply now if you are meeting the above criteria or contact Andrew Harrison directly.
Skills: Penetration testing, Web application, Cloud security, OWASP, CI/CD, DevSecOps
Benefits: Work From Home
Lead Security Engineer in Belfast employer: Ocho
As a Lead Security Engineer, you will thrive in a dynamic and supportive environment that prioritises employee growth and well-being. With a hybrid/remote working model based in Belfast, you will enjoy an impressive benefits package including 35 days of annual leave, an enhanced pension scheme, and private health coverage, all while being part of a culture that values collaboration and continuous learning. Join us to make a meaningful impact in security engineering while advancing your career alongside passionate professionals.
StudySmarter Expert Advice🤫
We think this is how you could land Lead Security Engineer in Belfast
✨Tip Number 1
Network like a pro! Get out there and connect with folks in the security community. Attend meetups, webinars, or even online forums. You never know who might have the inside scoop on job openings or can refer you directly to hiring managers.
✨Tip Number 2
Show off your skills! Create a portfolio showcasing your security projects, whether it's a blog about your latest penetration test or a GitHub repo with your scripts. This gives potential employers a taste of what you can do and sets you apart from the crowd.
✨Tip Number 3
Prepare for interviews by brushing up on common security scenarios and best practices. Be ready to discuss your experience with tools like Burp Suite or OWASP-ZAP. We want to see how you think and approach problems, so practice articulating your thought process.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen. Plus, we love seeing candidates who are proactive and engaged. So, hit that apply button and let’s get you on board!
We think you need these skills to ace Lead Security Engineer in Belfast
Some tips for your application 🫡
Tailor Your CV:Make sure your CV reflects the skills and experiences that match the Lead Security Engineer role. Highlight your expertise in security testing, cloud platforms, and any relevant qualifications like OSCP or CREST.
Craft a Compelling Cover Letter:Use your cover letter to tell us why you're passionate about security engineering. Share specific examples of how you've led security initiatives or mentored junior engineers to show us what you can bring to the team.
Showcase Your Technical Skills:Don’t forget to mention your hands-on experience with tools like Burp Suite or OWASP-ZAP. We want to see your familiarity with security standards and methodologies, so be clear about your technical prowess.
Apply Through Our Website:We encourage you to apply directly through our website for the best chance of getting noticed. It’s the easiest way for us to keep track of your application and ensure it reaches the right people!
How to prepare for a job interview at Ocho
✨Know Your Security Standards
Make sure you brush up on security standards like NCSC, NIST, and OWASP ASVS. Be ready to discuss how these frameworks apply to the role and share examples of how you've implemented them in past projects.
✨Show Off Your Technical Skills
Prepare to demonstrate your hands-on experience with security testing tools like Burp Suite or OWASP-ZAP. You might be asked to walk through a recent penetration test you conducted, so have a case study ready to showcase your expertise.
✨Emphasise Your Mentoring Experience
Since this role involves coaching junior engineers, think of specific instances where you've mentored others. Share how you helped them grow their skills and how you approach teaching complex security concepts to varied audiences.
✨Familiarise Yourself with Agile Practices
As you'll be working alongside agile delivery teams, it’s crucial to understand agile methodologies. Be prepared to discuss how you've integrated security into CI/CD pipelines and how you collaborate with development teams to embed security practices.
