The MDU is undertaking an exciting digital transformation programme and to support this the Cyber Security Team is looking to appoint a Senior Security Engineer. Working closely with delivery teams covering strategic and non-strategic change this role will provide subject matter expertise to keep the MDU, its data and, its member safe from cyber security threats.
Responsibilities
- Have a strong cyber security engineering or professional services background with experience of delivering both large-scale and small-scale projects to a high quality in a fast-paced environment.
- Have a good practical knowledge of both traditional security technologies and modern security tooling to allow support of both the existing and new environments during the digital transformation.
- Have a proven track record of working in cross functional teams to successfully deliver business change and cyber transformation projects.
- Be able to present complex or highly technical issues in simple and easy to understand formats.
Main Responsibilities
- Lead the installation and commissioning of infrastructure, tooling, and controls within Cyber Security Team led initiatives.
- Provide subject matter expertise in all areas of Cyber Security, including but not limited to:
- Security Architecture
- Application Security
- Cloud Security
- Cryptography
- Provide security engineering support to wider teams ensuring controls and assurance are delivered as part of projects and initiatives.
- Work with suppliers and vendors to coordinate contract security engineers, ensuring projects are appropriately resourced and deliverables are provided to a high standard.
- Organise penetration testing, managing the necessary remedial work and communicating go-live risks.
- Contribute to the development of the security architecture, the SDLC, and application security testing standards.
- Support the Cyber Operations Teams as a point of escalation in the event of Major Incidents, Disaster Recovery or Business Continuity scenarios.
- Work with development teams to ensure applications are delivered having followed best practice security testing as part of the SDLC.
- Assist the CISO, as required, in the wider delivery of Cyber Security.
Skills And Experience
- Proven experience in a similar role within a mid/large sized organisation, preferably in a regulated industry such as Financial Services or Insurance sectors.
- Strong technical skills with experience and accreditations covering multiple security domains.
- Cyber security subject matter expert with relevant certifications such as CISSP, CISM, CSSP, or equivalent.
- Proficiency in SAST, DAST and SCA with hands on experience integrating such tools into development pipelines.
- Extensive experience of consulting on projects, building in security requirements and ensuring services go-live with minimal security risk.
- Strong analytical and problem-solving skills with a strategic mindset and attention to detail.
- Excellent written and verbal communication skills, with the ability to articulate complex concepts to non-technical stakeholders.
