Product Security Engineer

Senior Application Security Engineer - Azure, Kubernetes, Terraform - £100,000 - £130,000

A leading provider of regulated digital asset custody services for institutional clients, ensuring the secure storage and management of cryptocurrencies and other digital assets, is seeking a Senior Application Security Engineer. You'll be pivotal in securing their platform and applications throughout their lifecycle.

As a Senior Application Security Engineer, you'll shape how they secure and design services in collaboration with developers, product owners, and business stakeholders, embedding security across the Software Development Lifecycle and business operations. You'll bring a detailed understanding of secure software design, cloud security, and threat/risk management, maintaining a secure and reliable platform.

• Secure the platform and applications throughout their lifecycle.
• Deliver secure foundations for a cloud-first platform built on Microsoft Azure and Kubernetes.
• Collaborate with developers, product owners, and stakeholders to embed security across the SDLC.
• Maintain and build effective controls for SOC2 and ISO 27001 compliance, including incident and vulnerability management.
• Secure configuration of cloud platforms and shift left security controls.
• Translate technical topics to a broad range of stakeholders.
• Work on Infrastructure as Code, CI/CD, git, and perform code reviews and threat modelling.

• Minimum 5 years in application security, product security, or a related field, with a focus on application and cloud security.
• Experience with Microsoft Azure, Kubernetes, Terraform, CI/CD, Java, and Python.
• Expertise in threat modelling, cloud security, secure coding, and penetration testing.
• Experience working in regulated environments and implementing security controls aligned with SOC2, SOC1, and ISO27001.
• Integrating security into the SDLC, managing vulnerabilities, and tuning security controls like WAFs.
• Strong collaboration and communication skills.

• SANS Cloud Security certification or similar.
• Knowledge in blockchain, Kubernetes, and DevSecOps practices.

If you're a skilled Senior Application Security Engineer seeking a challenging role in a dynamic, regulated digital asset environment, please apply.

Burns Sheehan Ltd will consider applications based only on skills and ability and will not discriminate on any grounds.