Description
Senior Security EngineerContract: 6 months initially
Outside IR35
Location - Remote
Experience:
- Understanding of Threat modelling and risk assessments
- Knowledge of secure coding principles (OWASP and OWASP mobile, SANS)
- Cloud Security Architecture of public clouds (AWS or GCP)
- Security certification - CISSP, CCP, SANS, GAIC, Ethical Hacker
- Experience with designing and administering identity management (authentication and authorization including policy enforcement points, token services, protocols such as OAuth2)
- Experience in cryptography including encryption, signing and digital certificates, Principles of securing mobile applications and web services, Docker or Kubernetes and infrastructure as code
- Understanding of agile DevSecOps environments, and CI/CD (Git, Concourse, Terraform)
- Working knowledge of SAST, DAST, RASP, and IAST tools and building security into existing SDLC processes