Back to jobs

Security Engineer

Job description

Security Engineer

Contract – 6 Months Rolling

Cambridge (Easy access from Cambridge railway)

Day Rate – Negotiable

A global leading security tech company, offering solutions to sensitive information in the information technology space, based in modern, state of the art offices in Cambridge are recruiting a Contract Security Engineer. This company is responsible for millions of people’s hardware information, so as you can imagine the complexity of some of their software is impressive. You’ll be working with complex tech, giving people the chance to explore varied career paths in a challenging and rewarding organisation.

Areas of specific technical subject matter expertise should encompass one or more of the following disciplines:

  • Secure product design
  • Cryptography
  • Vulnerability analysis
  • Physical (electronic) security
  • Defensive coding
  • Side-channel threats, or security certifications

As an integrated member of the development teams, the Security Engineer is responsible for ensuring all product security requirements are defined and addressed throughout the entire product lifecycle.  

Key Areas of Responsibility:

  • Collaborate in the creation of product functional specifications and designs for new products to ensure security requirements are addressed and implemented correctly; should be well versed in threat modelling and mitigation strategies;
  • Own, implement, and monitor the secure product development practices and processes for the entire product development lifecycle;
  • Serve as the primary point of contact for the team on security technologies and threat mitigation best practices; examples include practical application of cryptography, key management, trust, authentication, penetration testing, and defensive engineering techniques;
  • Liaise with the Certification Engineers and the product development team to ensure the design and implementation facilitate current and future certification roadmaps;
  • Act as a mentor to the development teams on how to create secure and certifiable designs;
  • Initiate security enhancements on existing products which positively affect the product's marketability;
  • Keep abreast of emerging security technologies as required by the business;

Technical Knowledge/Skills & Experience Required:

  • 3+ years of direct experience relating to security product development; specific focus on secure software or hardware product developments to include application in the areas of general-purpose cryptographic modules, payments processing, user authentication, or trust management;
  • 3+ years of experience applying cryptography in product developments; usage of interfaces such as PKCS #11, MS CAPI/CNG, or KMIP is desirable;
  • Practical experience and understanding of the following languages: C/C++, Java, or Python;
  • Experience with virtualization technologies such as VMWare, Xen, or VirtualBox is desirable;
  • Understanding and experience with commercial product release engineering practices; specifically, with Scrum and/or Agile methodologies;
  • Exposure and understanding of product security evaluations, specifically with FIPS-140-2, PCI and/or Common Criteria;

 
Please apply today to Shannen Talbot (Shannen@socode.co.uk / 01223 620870) to discuss the role and client in more detail

At SoCode, we pride ourselves on an attractive referral scheme. If you have Friends, Family or Colleagues looking for a new position in the near future tell them to contact us.