At a Glance
- Tasks: Lead security initiatives and guide teams on secure product development.
- Company: Dynamic retail tech company with a focus on security innovation.
- Benefits: Competitive daily rate, hybrid work model, and opportunities for professional growth.
- Other info: Join a supportive team with a commitment to reducing friction in workflows.
- Why this job: Make a real impact on product security while collaborating with talented engineers.
- Qualifications: Strong security background and understanding of modern application development.
We require a strong, application-focused Security Architect with a keen background in development or at least the ability to assure a product's architecture and have low-level, detailed conversations with engineers on the product whilst also facing off to more senior stakeholders in the business.
You will be responsible for augmenting the Security Architecture team with speciality skills and help scale our security presence across the wider technology and infrastructure teams.
- Provide engineering and product teams with direction and guidance for all security matters.
- Help product teams deliver new business features securely while balancing and clearly articulating technical and business risk.
- Drive the deployment/integration of security capabilities into engineering teams within the product domain.
- Drive security initiatives such as developing security requirements, threat modelling, strengthening application security, vulnerability reduction, etc., with the engineering teams.
- Support teams in a collaborative manner in matters of mobile application, web application, cloud and data security, with threat modelling, risk treatment and security advice across all security domains.
- Facilitate risk remediation but also challenge decisions and status-quo.
- Facilitate in assurance activities like penetration testing, purple testing, app assurance.
- Build quarterly/monthly roadmaps for security activities and plan them.
To excel in this position, we expect you to have the following:
- Solid security experience across common security domains.
- A thorough understanding of modern application development practices.
- Excellent interpersonal, facilitation, and leadership skills along with effective communication (both written and verbal) skills.
- Ability to provide security guidance to engineering teams throughout the product development lifecycle.
- Ability to develop threat models, attack trees, and embed security by design in product engineering effort.
- Good understanding of web technologies, REST APIs, micro services, modern application development, and mobile apps.
- Good understanding of software architecture, dev-sec-ops, and network security.
- Experience in browser security or mobile app security is desirable.
- Good understanding of industry standards such as OWASP ASVS, OWASP Top-10, CIS benchmarks.
- Hands-on experience with complex Azure and AWS architectures with an emphasis on containerised workloads.
- Command-line/API experience is highly desirable as security automation is a strategic priority.
- Some coding experience in something is always a plus - Java, HTML, JavaScript.
- Knowledge of and experience with PCI-DSS will be desirable.
- Azure or AWS cloud security certifications (preferred).
Candidates will ideally show evidence of the above in their CV in order to be considered.
Security Architect (API / Product Security) in London employer: Pontoon
Join a forward-thinking retail company that prioritises security and innovation, offering a dynamic work environment in London. With a strong emphasis on employee growth, collaborative culture, and competitive daily rates, this role as a Security Architect allows you to make a meaningful impact while working alongside talented professionals. Enjoy the unique advantage of a hybrid work model that balances onsite collaboration with flexible remote work, fostering both productivity and work-life balance.
StudySmarter Expert Advice🤫
We think this is how you could land Security Architect (API / Product Security) in London
✨Tip Number 1
Network like a pro! Reach out to folks in your industry on LinkedIn or at local meetups. A friendly chat can lead to opportunities that aren’t even advertised yet.
✨Tip Number 2
Show off your skills! Create a portfolio or GitHub repo showcasing your security projects. This gives potential employers a taste of what you can do and sets you apart from the crowd.
✨Tip Number 3
Prepare for interviews by brushing up on common security scenarios and challenges. Be ready to discuss how you’d tackle real-world problems, especially those related to API and product security.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, we love hearing from passionate candidates like you!
We think you need these skills to ace Security Architect (API / Product Security) in London
Some tips for your application 🫡
Tailor Your CV:Make sure your CV highlights your security experience and understanding of application development practices. We want to see how your skills align with the role, so don’t be shy about showcasing relevant projects!
Showcase Your Communication Skills:Since you'll be interacting with both engineers and senior stakeholders, it's crucial to demonstrate your excellent communication skills. Use clear and concise language in your application to reflect this ability.
Highlight Relevant Experience:Be specific about your hands-on experience with security frameworks like OWASP and your familiarity with cloud architectures. We love seeing concrete examples that illustrate your expertise in these areas.
Apply Through Our Website:We encourage you to apply directly through our website for a smoother process. It helps us keep track of your application and ensures you’re considered for this exciting opportunity!
How to prepare for a job interview at Pontoon
✨Know Your Security Fundamentals
Make sure you brush up on your knowledge of common security domains and industry standards like OWASP ASVS and the OWASP Top-10. Being able to discuss these confidently will show that you have a solid foundation in security principles, which is crucial for a Security Architect role.
✨Understand Application Development Practices
Familiarise yourself with modern application development practices and how security can be integrated without causing friction for developers. Be ready to discuss how you can help teams deliver features securely while balancing technical and business risks.
✨Prepare for Technical Conversations
Since you'll need to engage in detailed discussions with engineers, practice articulating complex security concepts in a way that's easy to understand. Think about examples from your past experiences where you've successfully communicated security needs to both technical and non-technical stakeholders.
✨Showcase Your Hands-On Experience
Be prepared to share specific examples of projects you've completed in security engineering or related areas. Highlight any hands-on experience with Azure or AWS architectures, as well as any coding skills you possess. This will demonstrate your practical understanding of security in real-world applications.
