Senior Cyber Security Consultant leading AppSec strategies and hands-on execution for software platforms. Focused on security engineering, vulnerability management, and compliance in the construction software industry.
Responsibilities
Own the application security strategy and roadmap across products and platforms, aligned to business risk and compliance obligations (e.g., ISO 27001, NIST).
Work with Group Architect to set and govern secure SDLC standards.
Influence senior engineering leadership on security architecture decisions, backlog prioritization, and risk acceptance.
Lead and mature SAST, DAST, SCA usage, with policy-as-code and pipeline gating where appropriate.
Conduct lightweight threat modelling and design reviews for new features and critical services (APIs, microservices, containers, serverless).
Guide and unblock remediation of complex vulnerabilities in first-party code and third-party libraries, providing developer-ready fixes and patterns.
Direct and coordinate penetration testing (internal or partner-led); define scope, success criteria, and exec-level reporting.
Lead the response to zero-day events affecting our stack: assess exposure, coordinate mitigations, communication, and after-action reviews.
Requirements
Proven background in software engineering (e.g., .NET, Java, JavaScript/TypeScript, Python) and secure coding practices.
Strong experience operating and integrating SAST/DAST/SCA and AppSec controls into CI/CD.
Understanding of modern architectures: APIs, microservices, containers (Docker/K8s), serverless, secrets management, identity and access.
Hands-on with penetration testing methods and tooling (e.g., OWASP, Burp Suite, ZAP); able to set test charters and interpret results.
Practical experience with vulnerability scanners and endpoint/cloud security platforms (Qualys/Tenable, Defender for Endpoint), plus asset/coverage hygiene.
Skilled at triage and risk framing, mapping to business impact and SLAs.
Security Officer tasked with ensuring safety and access control at Sutter Health facilities. Providing assistance and investigating incidents, while ensuring a safe environment.
Mid-Level Security Design & Development Specialist at Boeing providing architecture and consultation expertise for enterprise directory services. Collaborating with senior technical experts in a fast-paced environment.
Delivery Lead responsible for end-to-end product delivery in the Physical Security Product Team at Wells Fargo. Collaborating with product managers and teams to foster high performance and customer value within agile frameworks.
Compliance professional managing global regulatory changes and providing advisory support. Joining a dedicated team within State Street, the role offers flexible hybrid work arrangements.
Focus Sales role at api GmbH, engaging clients and supporting Cloud business growth. Collaborate with teams for optimal client service and success in IT products.
Security Engineering Manager leading Detection & Response team at Snap. Overseeing security monitoring and team collaboration on high-impact initiatives.
Mid-Level Security Design & Development Specialist at Boeing involved in directory services infrastructure. Collaborating with a team of senior technical experts in a fast-paced environment.
Application Security Specialist conducting SAST and DAST analyses at TEHORA to enhance digital healthcare security. Responsible for code reviews, OWASP recommendations, and participation in intrusion tests.
Facilities and Security Coordinator providing operational support for facility operations at Westinghouse. Coordinating administrative tasks, reporting, and ensuring compliance in facility management.
Information Security Specialist ensuring digital security and compliance at cyberunity AG in Zürich. Collaborating with IT teams to implement security measures and address vulnerabilities.