Cyber Security Infrastructure Engineer

As a Cyber Security Engineer you will be responsible for embedding security into all stages of the Software Development Life Cycle (SDLC) in a large-scale, complex environment.You will play a key role in maintaining the security of nearly 1 billion lines of code by implementing and maintaining modern software delivery practices, including automation and continuous integration/continuous delivery (CI/CD) pipelines.You will ensure the development and deployment of secure, resilient software solutions.Working collaboratively with development, operations, and security teams, you will design and implement security policies and controls that prevent vulnerabilities, ensuring alignment with industry best practices.You will contribute to the enhancement of security processes and tooling that support the DevOps model, ensuring security is integrated at every step of the development cycle.Key Responsibilities:Embed security practices throughout the SDLC, leveraging automation, DevOps, and CI/CD pipelines to maintain the integrity of vast, diverse codebasesCollaborate with engineering and development teams to implement security controls that protect against vulnerabilities in code and infrastructureDevelop and automate security policies and processes within the CI/CD pipeline, ensuring timely detection and remediation of security issuesContribute to the operational security of code and infrastructure in both cloud-native and on-premise environmentsAssist in building and maintaining security tooling to monitor and enforce security standards in the SDLCActively participate in incident response and remediation efforts, working with security operations teams to identify and mitigate risksStay current with industry trends, standards, and best practices for secure software development, sharing knowledge across teamsIt would also be helpful to have skills in the following areas:Hands-on Experience with Security ToolsExperience with any of the following security platforms or tools: Vulnerability scanning and management tools (e.g., SAST and DAST)Cloud security services (e.g., AWS GuardDuty, Azure Security Centre)Security Orchestration, Automation, and Response (SOAR) platformsWeb Application Firewalls (WAFs) and Endpoint Detection and Response (EDR) solutionsUnderstanding of Security in DevOps: Experience or familiarity with integrating security into DevOps workflows (DevSecOps)Programming/Scripting Skills: Familiarity with languages such as Python, nodeJs, Bash, or similar for automating security tasks When giving details of your CV, you should therefore include details of the work and projects that you have been involved in, and your role therein.