Product Security Engineer

Senior Capabilities Consultant - UI/UX, Front-End Development and Product Design

• Client: Global investment manager
• Rate: Up to £1200/day
• Duration: 6 months rolling
• Location: London

Job Description

Responsibilities:

• Support the implementation of security controls and processes for product security, focusing on a broad range of systems, including core trading infrastructure, cloud services, and business applications across both Windows and Linux environments.
• Collaborate with engineering and product teams to integrate security into product design and development, applying your experience in securing large-scale software systems in a fast-moving environment.
• Contribute to the development and maintenance of a secure software development lifecycle (SDLC) with a focus on secure coding practices in languages like Python, C++, Rust, Go and Kotlin/Java.
• Conduct threat modeling, vulnerability assessments and security code reviews across different platforms, ensuring security is embedded at every stage of the development lifecycle.
• Provide mentorship, guidance, and training on security best practices and secure development processes to engineering teams working in mixed cloud and operating systems environments.
• Perform vendor security reviews to assess third-party security practices and ensure compliance with our standards.
• Integration of security scanning tools (SAST, DAST, etc.) into CI/CD pipelines and runtime environments to ensure continuous security monitoring and threat detection across Alibaba Cloud, AWS, Azure, and on-prem systems.
• Proactively identify security risks and develop strategies for risk mitigation in a fast-paced high-stakes environment.
• Crypto/DeFI and Smart Contracts experience will be a good advantage.

Requirements:

• At least 7 years of experience in product security or similar roles with significant practical experience in securing software development at scale.
• Proven record of accomplishment in secure coding practices and development experience in development languages such as Python, C++, Rust, Go and Kotlin/Java.
• Strong technical background in software development, system architecture and security tools.
• Strong understanding of security principles, techniques and technologies related to software and product security, cloud platforms and business applications. Knowledge of low-latency financial systems would be an advantage.
• Experience working with and securing both Windows and Linux-based systems.
• Extensive experience with one or more cloud platforms such as AWS, Microsoft Azure and Alibaba Cloud used in a hybrid environment.
• In-depth knowledge of threat modeling, risk assessment and development of mitigation strategies for large-scale, complex systems in a fast-paced environment.
• Experience integrating security scanning tools into CI/CD pipelines and runtime environments.
• Experience conducting vendor security reviews and managing third-party security assessments.
• Excellent leadership, problem-solving, communication and adaptability skills, suited for a senior-level position in a fast-paced environment.

Seniority level

Mid-Senior level

Employment type

Contract

Job function

Information Technology