Responsibilities

- Partner with internal teams to ensure timely remediation of prioritized vulnerabilities
- Conduct application security testing to identify and mitigate vulnerabilities
- Oversee the operation and continuous improvement of SCA, SAST, and DAST tools
- Develop, maintain, and enhance Software Bills of Materials (SBOMs) to manage software supply‑chain risks
- Establish and evolve application security maturity frameworks (e.g., OWASP SAMM) to guide program development
- Drive secure cloud operations by aligning infrastructure monitoring with best‑practice frameworks and cloud provider benchmarks
- Embed and continuously monitor security services in CI/CD workflows to enable automated security checks throughout the development lifecycle
- Maintain and upgrade existing security systems to ensure optimal performance and protection
- Foster a security‑first mindset within DevOps and development teams through collaboration and awareness initiatives

Qualifications

- 3+ years in DevOps, Security Engineering, or related roles
- Background in software development or secure coding
- Strong experience with CI/CD tools (e.g., Jenkins, GitLab CI/CD)
- Strong verbal and written communication skills, with the ability to convey complex ideas clearly
- Proficiency in scripting languages (e.g., Python, Bash)
- Experience working collaboratively in cross‑functional teams, with a focus on achieving shared goals
- Expertise in managing multiple projects simultaneously, delivering on time and within scope
- Exceptional attention to detail, ensuring high standards of quality in all outputs
- Ability to adapt quickly to changing environments and priorities
- Experience with application security testing and vulnerability identification and prioritization
- Experience with container security and vulnerability detection and remediation
- Experience with major cloud platforms such as AWS and Azure
- Working knowledge of IaC tools such as Terraform and AWS CloudFormation
- Solid grasp of security best practices and compliance frameworks (e.g., ISO, SOC2, NIST)

Desirable skills

- Passion for collaboration with external parties to ensure secure product lifecycles
- Familiarity with security tools such as Snyk, SonarQube, OWASP ZAP
- Highly self‑driven with a strong focus on achieving measurable outcomes
- Curiosity and proactive approach to staying current with emerging technologies and security trends
- Hands‑on experience with application security testing tools such as Burp Suite for manual and automated vulnerability discovery

Benefits

- Comprehensive learning and development programmes
- Performance feedback and coaching
- Employee Assistance Programme
- Work‑from‑home allowance
- Team socials and social events

Employment Conditions: This position requires trust and honesty and access to customers' financial details. Credit and criminal record checks will be conducted, as well as qualification verification checks. By applying for this role and providing the necessary details, you grant permission for these checks to be performed.

DevSecOps Engineer
DIGITAL OUTSOURCE SERVICES
Cape Town, Cape Town
Published 7 days ago