engaged technologies. Experience with the technologies of at least one of the major public Cloud Service Providers (GCP, AWS or Azure) and the security features they provide (Key & Secret management, IAM, Service Accounts, Workload/VM Identities, TLS/PKI, Load Balancing, storage encryption, data localization, etc.). Experience on developing & comprehending source code, discerning business logic, and identifying … security flaws in Web- and Cloud-relevant languages, such as Java, Ruby, Rust, Go, Python, C#, Lua, and JavaScript. Experience with application authentication, authorization, identity, access management, and secretsmanagement technologies, such as OAuth, MFA, SSO, JWT, PKI, Cloud IAM, Password-less authentication, HashiCorp Vault, etc. Experience with applied cryptography and cryptographic protocols, such as E2E protection … Wrapping and Remote Key Attestation. Experience in identifying and mitigating security vulnerabilities on software running on cloud platforms (OWASP Web Top10 vulnerabilities, data encryption, transport layer protections, insecure configurations, secretsmanagement, etc.). Experience with cloud confidential computing, virtualization, enclaves, containers, and workload attestation technologies. Problem solving skills, analytical thinking, and willingness to learn/grow. Nice-to More ❯
proposing effective controls, and ensuring adherence to security policies. Drive the selection and integration of security technologies and services within cloud ecosystems (AWS, Azure, GCP preferred). Risk & Compliance Management: Lead threat modeling, risk assessments, and security posture management across cloud environments. Ensure architectural designs meet stringent regulatory compliance requirements relevant to the financial industry in Europe (e.g. … security, including understanding of common threats, European regulatory requirements (e.g., PSD2, DORA, EBA guidelines), and data privacy mandates (GDPR). Extensive knowledge of security architecture principles for: Identity & Access Management (IAM) in cloud (e.g., AWS IAM, Azure AD, GCP IAM). Network Security (VPCs, firewalls, WAFs, micro-segmentation, private connectivity). Data Security (encryption at rest/in transit … KMS, data classification, DLP). Application Security (secure coding, API security, SAST/DAST, WAF integration). Container Security (Kubernetes, Docker, service mesh). Security Information and Event Management (SIEM) and logging strategies. Zero Trust Architecture principles. Proven experience with DevSecOps methodologies and securing CI/CD pipelines. Strong understanding of security frameworks such as NIST CSF, ISO More ❯
Acadian Asset Management LLC is a Boston-headquartered investment management firm with wholly owned affiliates located in Singapore, London, and Sydney. As of March 31, 2025, the firm managed approximately US$122 billion on behalf of major pension funds, endowments, foundations, governments and other investors based in the U.S. and abroad.Position Overview:The Senior Security Engineer, reporting to … and consistently governing our AWS Platform-as-a-Service (PaaS) infrastructure. We are looking for candidates with deep experience and understanding of continuous delivery, container security, SAST/DAST, secretsmanagement, Identity and Access Management (IAM) governance, privilege management, encryption and key management, threat detection, logging, cloud infrastructure security and policy-as-code.What You'll … Utilizing tools like AWS Config, Security Hub, Inspector, Guardduty, and Crowdstrike Falcon, assess monitor and prioritize remediation of Cloud security vulnerabilities. Develop and maintain tools to detect and remove secrets from code check-ins. Establish development best practices for working with code libraries such as docker, pypi and others, ensuring that libraries are only obtained from trusted sources, e.g. More ❯
the successful candidate. You can expect: Design and manage scalable, secure cloud environments using Azure Bicep, ARM, or Terraform Lead the implementation of DevSecOps practices including CI/CD, secretsmanagement, zero-trust security, and vulnerability management Develop secure cloud-native architectures including microservices, containers, and serverless patterns Ensure compliance with industry security and privacy standards ( e.g. … need to succeed in this role Deep experience in Azure infrastructure (with IaC using Bicep, ARM, or Terraform) Hands-on knowledge of DevSecOps tooling and techniques (CI/CD, secretsmanagement, threat modelling) Experience implementing security standards across cloud and hybrid environments Familiarity with container security ( e.g. Docker, Kubernetes) A strong understanding of compliance frameworks such as ISO More ❯
Huntingdon, Cambridgeshire, East Anglia, United Kingdom Hybrid / WFH Options
Leidos Innovations UK Limited
with the following security products Trellix, Ivanti, ClearSwift, Yubikey Understanding of secure coding practices and common vulnerabilities (OWASP Top 10, SANS Top 25). Expertise in identity and access management (IAM), including RBAC, ABAC, JWT and Cookie based authentication. Incident detection and response in MOD environments. Security compliance and regulatory frameworks (e.g., NIST, CIS Benchmarks). Experience working with … and security teams. Ability to advocate for security best practices in a DevOps culture. Desirable Skills Containerisation Security Expertise in Kubernetes security (e.g., RBAC, network policies, pod security standards, secretsmanagement). Knowledge of container runtime security (e.g., container escapes, rootless containers, sandboxing). Image security best practices, including scanning, signing, and provenance verification. Secure deployment patterns using … CI/CD Security Secure CI/CD pipeline design with security testing using like Git and SonarQube. Implementation of Infrastructure as Code (IaC) security (e.g., Terraform, Ansible). Secretsmanagement in CI/CD pipelines using Vault or Kubernetes Secrets. Security automation and policy enforcement using tools like GitHub Actions, GitLab CI and Jenkins. Cloud & Infrastructure Security More ❯
with technical and business teams to address security flaws and implement remediation plans. • Oversee application security tasks, ensuring alignment with audit requirements and internal policies. • Support change and incident management processes, with a focus on high-priority incidents (P1 & P2). • Provide guidance to development and support teams on security-related ticket requirements and process expectations, ensuring SLA compliance. … functions, including audit preparation and policy development. • Compile and deliver regular reports, including weekly, monthly, and OSM-specific security metrics. Required Key Skills (Functional/Technical) Application Security & Vulnerability Management • Familiarity with Common Vulnerability Scoring System (CVSS) • Experience with tools like OWASP ZAP, Veracode, Rapid7 (on-prem), and Wiz.IO (cloud vulnerability management and CSPM) • Track and assist in … of network security principles and firewall configurations • Familiarity with SSO and MFA using OKTA, and directory services such as MS Active Directory • Experience with CyberArk PAM for privileged access management Security Information and Event Management (SIEM) • Use of Splunk SIEM for real-time threat detection and log analysis • Review and optimise SIEM use cases to enhance threat detection More ❯
support secure, reliable, and efficient access to compute resources in an on-premise datacenter environment. You will work closely with engineers and researchers to implement solutions around deployment, configuration management, and system security. Essential functions Implement and maintain infrastructure-as-code using tools like Terraform and Ansible Develop and manage secure access and identity controls, particularly using AWS IAM … and related services Support deployment of internal services with HTTPS, secretsmanagement, and authentication tooling Contribute to the configuration and monitoring of HPC systems and related services Design and support centralized log collection and syslog forwarding for the compute cluster Collaborate with software and infrastructure teams to ensure reliable compute access for researchers Qualifications Strong understanding of infrastructure … automation tools such as Terraform and Ansible Experience working with AWS, including VPCs, EC2, IAM, and related services Familiarity with secure service deployment practices including TLS/HTTPS and secretsmanagement (e.g., Vault) Experience with centralized logging (e.g., syslog, journald, log forwarders, ELK, or Loki/Promtail) Comfort working in Linux environments and automating common administrative tasks Knowledge More ❯
ensure high availability, security, and performance Managing service observability and reliability, including logging, metrics and alerting (we use Prometheus and Grafana) Handling database and service upgrades (e.g. MySQL, Kubernetes), secretsmanagement and security best practices Taking ownership of platform-level concerns such as deployment pipelines, configuration management, and cost awareness Helping drive pragmatic AI utilisation across our … including deploying to production Strong fundamentals of Java or Kotlin development practices A good grasp of principles behind building reliable and scalable systems, including redundancy, time complexity, and memory management Hands-on experience with cloud infrastructure and container orchestration, ideally with Kubernetes on GCP, and a strong understanding of platform reliability, cost awareness, and secure configuration Solid understanding of … security best practices across infrastructure and applications, including secretsmanagement and credential rotation. Familiarity with infrastructure-as-code or automation tools is a plus Experience with observability tools (such as Prometheus and Grafana), service monitoring, and debugging in production environments A demonstrated interest in staying up-to-date with new technology, new frameworks, new languages and other developments More ❯
London, South East, England, United Kingdom Hybrid / WFH Options
Robert Half
and continuous delivery (CI/CD) tools across varied technology stacks. Experience with infrastructure monitoring for availability, performance, and/or security. Understanding of infrastructure security principles, including vulnerability management, secretsmanagement, network security, and supply chain security. (Desirable) Experience with automated testing, performance testing, and stress testing tools. Organisation: Initial 12-month contract Fully remote role More ❯
and discoverability. Build end-to-end monitoring and observability for your pipelines: owning data quality, latency, completeness, and lineage at every stage. Champion secure, governed data practices : access controls, secretsmanagement, encrypted data-in-transit/at-rest, and compliance with frameworks like GDPR. Collaborate closely with AI, Platform, and Product teams , provisioning data sets, feature tables, and … code at scale. Modern Data Pipelines: Experience with batch and streaming frameworks (e.g., Apache Spark, Flink, Kafka Streams, Beam), including orchestration via Airflow, Prefect or Dagster. Data Modeling & Schema Management: Demonstrated expertise in designing, evolving, and documenting schemas (OLAP/OLTP, dimensional, star/snowflake, CDC), data contracts, and data cataloguing. API & Integration Fluency: Building data ingestion from REST … warehouse paradigms. Observability & Quality: Deep familiarity with metrics, logging, tracing, and data quality tools (e.g., Great Expectations, Monte Carlo, custom validation/test suites). Security & Governance: Data encryption, secretsmanagement, RBAC/ABAC, and compliance awareness (GDPR, CCPA). CI/CD for Data Systems: Comfort with automation, infrastructure as code (Terraform), version control, and release workflows. More ❯
Coinbase to achieve its mission of being the most trusted crypto platform. You will play a crucial role in tackling the most challenging problems in crypto custody and security: secretsmanagement, risk management, insider threat, account take over, regulatory compliance, and more. You will work closely with cross-functional teams, including Engineering, Security, Compliance, and Operations, to … to guide product development Align teams on a shared vision and steer execution on that vision What we look for in you (ie. job requirements): 6+ years of product management experience Exceptional interpersonal communication, relationship management and organizational skills Deep analytical, prioritization and problem solving skills Demonstrated ability in working with a high degree of technical complexity across … a broad product portfolio Previous experience working in software product management in platform products Demonstrated passion for cryptocurrency, financial markets, and the Coinbase mission An entrepreneurial mindset with the ability to succeed in a fast-paced environment Aptitude for learning and ability to quickly ramp up in complicated domains Nice to haves: Previous experience with security, privacy and compliance More ❯
London, South East, England, United Kingdom Hybrid / WFH Options
Become
of Excellence team Strong scripting skills (e.g., Bash, Python) and automation mindset Excellent communication and collaboration skills Desirable Attributes Exposure to service mesh technologies (e.g., Istio, Linkerd) Experience with secretsmanagement and security tooling (e.g., Vault, Snyk) Familiarity with compliance frameworks (e.g., ISO 27001, PCI-DSS) Prior consulting experience or experience in client-facing roles Engagement Model Outside More ❯
platforms Strong containerisation knowledge (e.g. Docker, Kubernetes) Nice to have: Experience with Kafka in production (including multi-datacentre setup) Familiarity with service discovery (e.g. Consul, Istio, Linkerd) Knowledge of secretsmanagement tools (Vault, AWS Secrets Manager) Good grasp of networking fundamentals (OSI model) We're expanding! From September 2025, Zopa will be opening a brand-new office More ❯
OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secretsmanagement tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI/ More ❯
OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secretsmanagement tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI/ More ❯
OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secretsmanagement tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI/ More ❯
OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secretsmanagement tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI/ More ❯
OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secretsmanagement tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI/ More ❯
OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secretsmanagement tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI/ More ❯
OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secretsmanagement tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI/ More ❯
OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secretsmanagement tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI/ More ❯
OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secretsmanagement tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI/ More ❯
OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secretsmanagement tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI/ More ❯
