Principal Security Engineer
London, United Kingdom
Full Time
R&D (C8) Dev
Experienced
Company Overview: Centric Software is a leading global provider of SaaS-based solutions, serving customers in [industries you serve] across the world. Our platform leverages cutting-edge cloud technologies to deliver innovative and scalable services to our clients. We are committed to maintaining the highest standards of security, ensuring the integrity, confidentiality, and availability of our services.
Role Overview: We are seeking a highly experienced and motivated Principal Cyber Security Engineer to support the design, implementation, and management of security across our multi-cloud infrastructure. This role is critical to the continued security and compliance of our global SaaS platform. The ideal candidate will possess expertise in cloud security and have a strong background in supporting the design and operations of large-scale, distributed systems.
Key Responsibilities:
Security Architecture & Design: Support the development of the security architecture design for the multi-cloud infrastructure, ensuring that all security engineering measures align with good industry practice and compliance requirements.
Support Assurance and Compliance: Ensure that assurance and compliance of the platform is completed through a framework process and approval process is completed through key stakeholders and governance processes.
Compliance & Risk Management: Ensure that all cloud services meet necessary regulatory and compliance standards (e.g., GDPR, ISO 27001, SOC 2), and participate in the audit processes to ensure that the multi-cloud platform obtains certification.
Security Architecture Control Development and Implementation: Support the design of security controls to eliminate and mitigate identified risks within a multi-cloud environment.
Security Operations: Identify, develop and handover to service effective security operations.
Security Test: Assist and manage with the development of security test scope, test execution and management of test issues.
Delivery Pipeline Integration: Collaborate with DevOps and development teams to integrate security into the CI/CD pipeline, ensuring secure coding practices and automating security checks.
Mentorship & Leadership: Lead a team of security engineers who implement and monitor the security controls for the platform. Provide guidance and mentorship to security engineers, fostering a culture of excellence in delivery, continuous learning and professional development.
Stakeholder Engagement: Work closely with various stakeholders, including the Global Security team and engineering colleagues, to ensure that security considerations are integral to all business decisions.
Experience, Skills, Qualifications:
Education: Degree in Computer Science, Information Security, or a related field, or equivalent work experience will also be considered.
Experience: Minimum of 3 years of experience in cybersecurity, with cloud security forming a significant part; ideally with security engineering operations on Amazon web services, micro-service based applications hosted on Kubernetes.
Certifications: Relevant certifications such as CISSP, CISM, cloud-specific certifications or equivalent experience.
Technical Skills: Strong understanding of cloud security services, including IAM, Encryption and secrets management, logging, security control configuration, network and boundary protection, Kubernetes-based applications and image management in a microservices environment, implementing zero-trust patterns. Proficient in scripting and automation (Terraform). Experience with security tools such as SIEM, boundary network devices, vulnerability scanners, delivery pipeline tooling. Multi-cloud experience in AWS, Azure, GCP.
Soft Skills: Excellent problem-solving and analytical skills. Strong communication skills, with the ability to articulate complex security concepts to technical and non-technical stakeholders. Attention to detail. Ability to document solutions. Leadership and mentoring abilities.
Role Overview: We are seeking a highly experienced and motivated Principal Cyber Security Engineer to support the design, implementation, and management of security across our multi-cloud infrastructure. This role is critical to the continued security and compliance of our global SaaS platform. The ideal candidate will possess expertise in cloud security and have a strong background in supporting the design and operations of large-scale, distributed systems.
Key Responsibilities:
Security Architecture & Design: Support the development of the security architecture design for the multi-cloud infrastructure, ensuring that all security engineering measures align with good industry practice and compliance requirements.
Support Assurance and Compliance: Ensure that assurance and compliance of the platform is completed through a framework process and approval process is completed through key stakeholders and governance processes.
Compliance & Risk Management: Ensure that all cloud services meet necessary regulatory and compliance standards (e.g., GDPR, ISO 27001, SOC 2), and participate in the audit processes to ensure that the multi-cloud platform obtains certification.
Security Architecture Control Development and Implementation: Support the design of security controls to eliminate and mitigate identified risks within a multi-cloud environment.
Security Operations: Identify, develop and handover to service effective security operations.
Security Test: Assist and manage with the development of security test scope, test execution and management of test issues.
Delivery Pipeline Integration: Collaborate with DevOps and development teams to integrate security into the CI/CD pipeline, ensuring secure coding practices and automating security checks.
Mentorship & Leadership: Lead a team of security engineers who implement and monitor the security controls for the platform. Provide guidance and mentorship to security engineers, fostering a culture of excellence in delivery, continuous learning and professional development.
Stakeholder Engagement: Work closely with various stakeholders, including the Global Security team and engineering colleagues, to ensure that security considerations are integral to all business decisions.
Experience, Skills, Qualifications:
Education: Degree in Computer Science, Information Security, or a related field, or equivalent work experience will also be considered.
Experience: Minimum of 3 years of experience in cybersecurity, with cloud security forming a significant part; ideally with security engineering operations on Amazon web services, micro-service based applications hosted on Kubernetes.
Certifications: Relevant certifications such as CISSP, CISM, cloud-specific certifications or equivalent experience.
Technical Skills: Strong understanding of cloud security services, including IAM, Encryption and secrets management, logging, security control configuration, network and boundary protection, Kubernetes-based applications and image management in a microservices environment, implementing zero-trust patterns. Proficient in scripting and automation (Terraform). Experience with security tools such as SIEM, boundary network devices, vulnerability scanners, delivery pipeline tooling. Multi-cloud experience in AWS, Azure, GCP.
Soft Skills: Excellent problem-solving and analytical skills. Strong communication skills, with the ability to articulate complex security concepts to technical and non-technical stakeholders. Attention to detail. Ability to document solutions. Leadership and mentoring abilities.
Centric Software provides equal employment opportunities to all qualified applicants without regard to race, sex, sexual orientation, gender identity, national origin, color, age, religion, protected veteran or disability status or genetic information.
Apply for this position
Required*