This website uses automated algorithms to estimate job visa eligibility and may be incorrect. We recommend you always check the official Skilled Worker Visa guidelines and seek help from a qualified immigration specialist before applying.
Posted on: 02 August 2022
EQ is a leading international provider of shareholder, pension, remediation and credit technology. With over 5,000 employees, it supports 37 Million people in 120 countries. EQ’s purpose is to care for every customer and simplify every transaction, delivered with less of an impact on the environment.
EQ’s vision is to be the leading global share registrar, offering complementary services to its client base.
The Senior Security Engineer will work within a small team delivering Security Engineering services. They will report to the Head of Security Architecture & Engineering; they will share the workload and activities of the Security Engineering team. They will contribute to all the aspects of the team’s services as appropriate to demand, workload, skills and experience and will lead major Security Engineering activities and engagements with wider Group IT colleagues.
Lead in developing and maintaining a Security Technology Framework and Roadmap, jointly with the Group IT Technical Architecture team, for agreement and endorsement by the CISO and the Group Chief Technology Officer (CTO).
Identify efficient and cost-effective solutions for the security mechanisms highlighted by the Technology Framework and Roadmap and by demands arising from business-driven application development.
Within the Technology Framework and Roadmap:
Identify, evaluate and recommend standard security products as potential security solutions.
Specify, document and publish standard secure configurations for general IT platforms that will provide generic security solutions within the Company’s infrastructure.
Develop and document designs for bespoke standard security components that deliver re-usable security functionality.
Prepare standard security products and standard bespoke security solutions in a form that is easier for systems development teams to re-use across projects and systems, thus ensuring the right security mechanisms is implemented in a cost-effective manner; this would not include the coding or building of a standard solutions, but rather the facilitation of the use of existing solutions.
Advise development teams on the incorporation of standard security solutions into project code or infrastructure, to meet specific security requirements, as derived from Policy, through Threat Modelling or the Risk Process.
Identify gaps now and in future in line with the Security Technology Framework and Roadmap, and assist the Head of Security Architecture & Engineering in producing business cases to fund the implementation of technologies and processes to fill the gaps through investment.
Act as the Technical Design Authority for the implementation of standard security solutions, providing ad hoc consultancy advice to systems and infrastructure development projects.
Effectively guide the implementation of new or changed, enterprise-wide security processes and technologies, funded through investment, as the Technology Framework and Roadmap requires.
Organise and steer the performance of pre-production application level testing of security mechanisms.
Educate and advise to the systems development community on secure development practices, using existing and new information-sharing initiatives; coordinate these awareness-raising efforts with the broader Security Awareness campaign(s).
Skills, Knowledge & Experience
The Senior Security Engineer will have held previous positions as IT security engineer, designer or architect. They may have managed a central functional security role or have been engaged in a security role in major application or infrastructure developments. They should have had experience of a variety of projects in order to satisfy the requirement for technical skills breadth. They also require experience of good practice in change implementation, programme and project management.
Extensive experience of designing proportionate defence-in-depth security controls which protect critical information. This should include experience of infrastructure and application security controls, operating system hardening; end point security; network security; encryption; authentication & access control; and secure configuration management.
Creating security standards, blueprints, reference architectures, roadmaps, transition states and target solutions across multiple services.
Experience designing security architectures and solutions across a range of modern deployment technologies including virtualised platforms such as VMware; containerised workloads in Kubernetes; and CI/CD pipelines using tools like Jenkins and Azure DevOps
Demonstrable experience of secure SDLC and secure development practices.
Experience of using SAST capabilities, such as SonarQube.
Experience of adopting security standards and frameworks (such as ISO27001, NIST Cybersecurity Framework, CIS Controls).
Strong understanding of the Cyber Kill Chain and Mitre Framework and how these can be used to determine threat actors and identify attack mitigations.
Experience with threat modelling or other risk identification techniques.
Experience of articulating risks and influencing a wide range of internal and external stakeholders.
Being a permanent member of the team at EQ you will be rewarded by our company benefits, these are just a few of what is on offer:
28 days + 8 bank holidays.
4 x Life Assurance.
Company sick pay (2 months full pay, 2 months half, following probation).
Matched pension scheme up to 10% each side.
Discounts with major retailers.
We are committed to equality of opportunity for all staff and applications from individuals are encouraged regardless of age, disability, sex, gender reassignment, sexual orientation, pregnancy and maternity, race, religion or belief and marriage and civil partnerships.
Please note any offer of employment is subject to satisfactory pre-employment screening checks. These consist of 5 year activity & GAP verification, DBS or Access NI, Credit, Sanctions & CIFAS checks.
You now have 80 points and can apply for the Skilled Worker visa
Please note that UKHIRED LTD is not registered to provide any immigration advice. Information on our website is taken from the public domain source and therefore might be inaccurate at times. We recommend you always check the official Skilled Worker guidelines available on gov.uk and seek help from a qualified immigration specialist. Our content does not constitute legal advice and is provided for general information purposes only.