At a Glance
- Tasks: Lead security initiatives and guide teams on secure product development.
- Company: Dynamic retail company with a focus on innovative security solutions.
- Benefits: Competitive daily rate, hybrid work model, and opportunities for professional growth.
- Other info: Join a supportive team with a commitment to continuous improvement and innovation.
- Why this job: Make a real impact on product security while collaborating with talented engineers.
- Qualifications: Strong security background and understanding of modern application development practices.
We require a strong, application-focused Security Architect with a keen background in development or at least the ability to assure a product’s architecture and have low-level, detailed conversations with engineers on the product whilst also facing off to more senior stakeholders in the business.
You will be responsible for augmenting the Security Architecture team with speciality skills and help scale our security presence across the wider technology and infrastructure teams.
- Provide engineering and product teams with direction and guidance for all security matters.
- Help product teams deliver new business features securely while balancing and clearly articulating technical and business risk.
- Drive the deployment/integration of security capabilities into engineering teams within the product domain.
- Drive security initiatives such as developing security requirements, threat modelling, strengthening application security, vulnerability reduction, etc., with the engineering teams.
- Support teams in a collaborative manner in matters of mobile application, web application, cloud and data security, with threat modelling, risk treatment and security advice across all security domains.
- Facilitate risk remediation but also challenge decisions and status-quo.
- Facilitate in assurance activities like penetration testing, purple testing, app assurance.
- Build quarterly/monthly roadmaps for security activities and plan them.
To excel in this position, we expect you to have the following:
- Solid security experience across common security domains.
- A thorough understanding of modern application development practices.
- Excellent interpersonal, facilitation, and leadership skills along with effective communication (both written and verbal) skills.
- Ability to provide security guidance to engineering teams throughout the product development lifecycle.
- Ability to develop threat models, attack trees, and embed security by design in product engineering effort.
- Good understanding of web technologies, REST APIs, micro services, modern application development, and mobile apps.
- Good understanding of software architecture, dev-sec-ops, and network security.
- Experience in browser security or mobile app security is desirable.
- Good understanding of industry standards such as OWASP ASVS, OWASP Top-10, CIS benchmarks.
- Hands-on experience with complex Azure and AWS architectures with an emphasis on containerised workloads.
- Command-line/API experience is highly desirable as security automation is a strategic priority.
- Some coding experience in something is always a plus - Java, HTML, JavaScript.
- Knowledge of and experience with PCI-DSS will be desirable.
- Multiple examples of completed projects in security engineering or closely related areas.
- Azure or AWS cloud security certifications (preferred).
Candidates will ideally show evidence of the above in their CV in order to be considered.
Security Architect (API / Product Security) employer: Pontoon Solutions
As a leading employer in the retail sector, we offer a dynamic work environment that fosters innovation and collaboration. Our London-based team enjoys a hybrid work model, providing flexibility while engaging in meaningful projects that enhance security across our technology landscape. With a strong focus on employee growth, we provide ample opportunities for professional development and encourage a culture of open communication and teamwork, making us an excellent choice for those looking to make a significant impact in their careers.
StudySmarter Expert Advice🤫
We think this is how you could land Security Architect (API / Product Security)
✨Tip Number 1
Network like a pro! Get out there and connect with folks in the security field. Attend meetups, webinars, or even just grab a coffee with someone who’s already in the game. You never know when a casual chat might lead to your next big opportunity.
✨Tip Number 2
Show off your skills! If you’ve got a portfolio of projects or contributions to open-source security tools, make sure to highlight them. It’s all about demonstrating your hands-on experience and how you can add value to the team.
✨Tip Number 3
Prepare for those interviews! Brush up on your technical knowledge and be ready to discuss real-world scenarios. Think about how you’d approach security challenges in product development and be ready to share your insights.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets the attention it deserves. Plus, we love seeing candidates who are proactive about their job search!
We think you need these skills to ace Security Architect (API / Product Security)
Some tips for your application 🫡
Tailor Your CV:Make sure your CV highlights your security experience and understanding of application development practices. We want to see how your skills align with the role, so don’t be shy about showcasing relevant projects you've worked on!
Showcase Your Communication Skills:Since you'll be interacting with both engineers and senior stakeholders, it's crucial to demonstrate your excellent communication skills. Use clear and concise language in your application to reflect this ability.
Highlight Relevant Experience:Be specific about your hands-on experience with security domains, especially around APIs and product security. Mention any relevant certifications or projects that can back up your expertise – we love seeing concrete examples!
Apply Through Our Website:We encourage you to apply directly through our website for a smoother process. It helps us keep track of your application and ensures you’re considered for the role without any hiccups!
How to prepare for a job interview at Pontoon Solutions
✨Know Your Security Stuff
Make sure you brush up on your knowledge of security domains, especially around application security and API security. Be ready to discuss how you've tackled security challenges in past projects and how you can apply that experience to the role.
✨Speak Their Language
Since you'll be interacting with both engineers and senior stakeholders, practice articulating complex security concepts in a way that's easy for everyone to understand. Use examples from your experience to demonstrate how you can bridge the gap between technical and business discussions.
✨Show Your Collaborative Side
Prepare to showcase your teamwork skills. Think of examples where you've successfully collaborated with engineering teams to integrate security into their workflows without adding friction. Highlight your ability to provide guidance while also being open to feedback.
✨Be Ready for Technical Questions
Expect some deep dives into your technical knowledge, especially around threat modelling and security automation. Brush up on your understanding of tools and frameworks like OWASP and be prepared to discuss how you've used them in real-world scenarios.
