Senior Security Engineer

The MDU is undertaking an exciting digital transformation programme and to support this the Cyber Security Team is looking to appoint a Senior Security Engineer. Working closely with delivery teams covering strategic and non-strategic change this role will provide subject matter expertise to keep the MDU, its data and, its member safe from cyber security threats., The Senior Security Engineer will be responsible for the delivery of security technologies in a range of projects and will therefore:

• Have a strong cyber security engineering or professional services background with experience of delivering both large-scale and small-scale projects to a high quality in a fast-paced environment.
• Have a good practical knowledge of both traditional security technologies and modern security tooling to allow support of both the existing and new environments during the digital transformation.
• Have a proven track record of working in cross functional teams to successfully deliver business change and cyber transformation projects.
• Be able to present complex or highly technical issues in simple and easy to understand formats.

Main Responsibilities:

• Lead the installation and commissioning of infrastructure, tooling, and controls within Cyber Security Team led initiatives.
• Provide subject matter expertise in all areas of Cyber Security, including but not limited to:

• Security Architecture
• Application Security
• Cloud Security
• Cryptography

• Provide security engineering support to wider teams ensuring controls and assurance are delivered as part of projects and initiatives.
• Work with suppliers and vendors to coordinate contract security engineers, ensuring projects are appropriately resourced and deliverables are provided to a high standard.
• Organise penetration testing, managing the necessary remedial work and communicating go-live risks.
• Contribute to the development of the security architecture, the SDLC, and application security testing standards.
• Support the Cyber Operations Teams as a point of escalation in the event of Major Incidents, Disaster Recover or Business Continuity scenarios.
• Work with development teams to ensure applications are delivered having followed best practice security testing as part of the SDLC.
• Assist the CISO, as required, in the wider delivery of Cyber Security.

Do you have experience in Financial services?, * Proven experience in a similar role within a mid/large sized organisation, preferably in a regulated industry such as Financial Services or Insurance sectors.

• Strong technical skills with experience and accreditations covering multiple security domains.
• Cyber security subject matter expert with relevant certifications such as CISSP, CISM, CSSP, or equivalent.
• Proficiency in SAST, DAST and SCA with hands on experience integrating such tools into development pipelines.
• Extensive experience of consulting on projects, building in security requirements and ensuring services go-live with minimal security risk.
• Strong analytical and problem-solving skills with a strategic mindset and attention to detail.
• Excellent written and verbal communication skills, with the ability to articulate complex concepts to non-technical stakeholders.