At a Glance
- Tasks: Lead security engineering and testing for innovative platforms and services.
- Company: Join a forward-thinking tech company focused on security excellence.
- Benefits: Enjoy hybrid/remote work, 35 days annual leave, and private health benefits.
- Other info: Be part of a dynamic team with opportunities for career growth.
- Why this job: Make a real impact by enhancing security practices and mentoring future engineers.
- Qualifications: Expertise in web application security and hands-on testing tools required.
The predicted salary is between 70000 - 90000 £ per year.
A senior technical role leading security engineering and testing across a growing portfolio of platforms and services.
The Role
- Lead security engineering and testing efforts, setting direction on methodology, tooling, and engagement scoping.
- Work alongside agile delivery teams to embed good security practice throughout the software development lifecycle and help grow the skills of more junior engineers.
- Lead security testing engagements, including penetration tests on web applications, networks, and infrastructure.
- Define and evolve our security testing methodology, outputs, and tool selection.
- Conduct source code reviews and embed security into CI/CD pipelines.
- Coach and develop a small team, supporting performance and career growth.
- Advise customers and colleagues on security best practice, translating complexity for varied audiences.
Experience
- Expertise securing web applications and cloud platforms (AWS or Azure).
- Hands-on experience with manual and automated security testing tools.
- Strong knowledge of security standards such as NCSC, NIST, OWASP ASVS, GDPR, and PCI.
- Familiarity with common attack vectors including OWASP Top 10, XSS, SQL injection, and MITM.
- Experience in Continuous Security, CI, and CD practices.
- Proven ability to mentor and develop team members.
- Scripting or programming experience across Windows, Linux, or macOS.
Desirable
- Penetration testing qualification such as OSCP, CREST, or TIGER.
- Experience with tools including Burp Suite, OWASP-ZAP, Nmap, Nessus, or Metasploit.
- Background working in agile delivery environments.
- Active involvement in the security community.
Package
- Share options
- Hybrid/Remote working - Belfast
- 35 days annual leave inc stat
- Enhanced pension scheme
- Private health
Please apply now if you are meeting the above criteria or contact Andrew Harrison directly.
Skills: Penetration testing, Web application, Cloud security, OWASP, CI/CD, DevSecOps
Benefits: Work From Home
Lead Security Engineer in Newtownabbey employer: Ocho
As a Lead Security Engineer, you will thrive in a dynamic and supportive environment that prioritises employee growth and well-being. With a hybrid/remote working model based in Belfast, you will enjoy an impressive benefits package including 35 days of annual leave, an enhanced pension scheme, and private health coverage, all while being part of a culture that fosters collaboration and continuous learning. Join us to make a meaningful impact in security engineering while developing your skills alongside a talented team.
StudySmarter Expert Advice🤫
We think this is how you could land Lead Security Engineer in Newtownabbey
✨Tip Number 1
Network like a pro! Get out there and connect with folks in the security community. Attend meetups, webinars, or even online forums. You never know who might have the inside scoop on job openings or can refer you directly to hiring managers.
✨Tip Number 2
Show off your skills! Create a portfolio showcasing your security projects, whether it's a blog about your latest penetration test or a GitHub repo with your scripts. This gives potential employers a taste of what you can do and sets you apart from the crowd.
✨Tip Number 3
Prepare for interviews by brushing up on common security scenarios and best practices. Be ready to discuss how you've tackled challenges in previous roles, especially around web applications and cloud platforms. Confidence is key, so practice makes perfect!
✨Tip Number 4
Don't forget to apply through our website! We love seeing candidates who are genuinely interested in joining us at StudySmarter. Tailor your application to highlight your experience with security standards and tools mentioned in the job description to catch our eye.
We think you need these skills to ace Lead Security Engineer in Newtownabbey
Some tips for your application 🫡
Tailor Your CV:Make sure your CV reflects the skills and experiences that match the Lead Security Engineer role. Highlight your expertise in security testing, cloud platforms, and any relevant qualifications like OSCP or CREST.
Craft a Compelling Cover Letter:Use your cover letter to tell us why you're passionate about security engineering. Share specific examples of how you've led security initiatives or mentored junior engineers, and don’t forget to mention your familiarity with tools like Burp Suite or OWASP-ZAP.
Showcase Your Technical Skills:In your application, be sure to detail your hands-on experience with security testing tools and methodologies. We want to see your knowledge of security standards and common attack vectors, so don’t hold back!
Apply Through Our Website:We encourage you to apply directly through our website for the best chance of getting noticed. It’s the easiest way for us to keep track of your application and ensure it reaches the right people!
How to prepare for a job interview at Ocho
✨Know Your Security Standards
Make sure you brush up on key security standards like NCSC, NIST, and OWASP ASVS. Being able to discuss these in detail will show that you’re not just familiar with them but can also apply them in real-world scenarios.
✨Showcase Your Hands-On Experience
Prepare to talk about your hands-on experience with security testing tools like Burp Suite or OWASP-ZAP. Share specific examples of how you've used these tools in past projects, especially in penetration testing engagements.
✨Demonstrate Your Mentoring Skills
Since the role involves coaching junior engineers, think of examples where you've successfully mentored others. Highlight how you’ve helped team members grow their skills and how you approach performance development.
✨Engage with Real-World Scenarios
Be ready to discuss common attack vectors like XSS and SQL injection. You might be asked to analyse a scenario or case study, so practice articulating your thought process and how you would tackle security challenges.
