Title - Head of Security Engineering (Product, AWS)
Location - Remote
Salary - Up to £170k + Brilliant benefits package.
You'll lead security teams in close collaboration with software and product delivery teams, utilizing agile practices to swiftly release high-quality, secure products. Proficiency in setting Outcomes and Key Results (OKRs) for Security Engineering, aligned with broader technology and business goals, is essential.
With a solid foundation in infrastructure security, you'll safeguard our public cloud, on-premise, and hybrid infrastructure from cyber threats. Your cloud-native expertise will ensure a comprehensive understanding of cybersecurity practices in a multi-cloud environment.
As a leader, you'll embody adaptability, inclusivity, and resilience. You'll advocate for informed investment decisions in cybersecurity risk management, leveraging data to support your approach and effectively explaining the 'why?' behind such decisions.
We are in search of an individual who possesses the following qualifications and attributes:
- Substantial experience in the field of cybersecurity, with a particular emphasis on secure product development and robust architectural practices, preferably within an agile and fast-paced environment.
- A proficient leader with a track record of managing both managers and senior technical professionals. The ideal candidate will have a refined communication style that can effectively span the entire organization, thriving in a matrix organizational structure.
- Comprehensive expertise in security architecture frameworks, encompassing application and infrastructure layers.
- Proficiency in secure software delivery controls and practices (SSDLC), static application security testing (SAST), dynamic application security testing (DAST), software composition analysis (SCA), and cloud security posture management (CSPM).
- Knowledge of cyber threat modelling for secure product development, AWS security controls and best practices, SIEM platforms, bug bounty programs, red teaming, and cyber incident response.
- Familiarity with tools and services such as SonarQube, Snyk, Burp, Tenable, Splunk, Akamai, and Cloudflare.
- Extensive experience as part of a senior leadership team in information security, with a history of deputizing for CISO/Director.
- Strong multitasking abilities, adept at prioritization, risk assessment, and decision-making.
- Proficient in creating high-quality written communications and presentations.
- An ability to articulate the rationale behind decisions to both senior technical and non-technical audiences.
- A leadership style that involves identifying and nurturing cybersecurity talent within their teams.
- A sound financial acumen with the ability to manage a substantial budget effectively.
- Experience in presenting on cyber risk to Executive Committees and non-Executive Board Committees.