Назад
Company hidden
3 дня назад

DevSecOps Engineer (Fintech)

Формат работы
onsite
Тип работы
fulltime
Грейд
senior
Английский
b2
Страна
UK
Вакансия из списка Hirify.GlobalВакансия из Hirify Global, списка международных tech-компаний
Для мэтча и отклика нужен Plus

Мэтч & Сопровод

Для мэтча с этой вакансией нужен Plus

Описание вакансии

Текст:
/

TL;DR

DevSecOps Engineer (Fintech): Enhancing the security of applications, APIs, and infrastructure through preventative controls and automated security testing with an accent on purple team activities and SDLC integration. Focus on implementing SAST/SCA/DAST tooling, conducting threat modeling, and collaborating with engineering teams to remediate vulnerabilities.

Location: London, UK

Company

A global leader in asset servicing and operational solutions for alternative investments, operating as a division of the Mitsubishi UFJ Financial Group.

What you will do

  • Act as a security champion to foster a secure-by-design approach across the business.
  • Implement and manage SAST/SCA and automated DAST solutions to maximize testing coverage.
  • Conduct threat modeling and review application architectures to identify risks early in the SDLC.
  • Perform penetration testing on internally developed applications and coordinate external assessments.
  • Provide security guidance and remediation advice to engineering and IT teams.
  • Review and assess the security of third-party vendor applications through configuration and hardening reviews.

Requirements

  • Experience in application security focusing on red, blue, or purple team activities.
  • Proficiency in Python, JavaScript, .NET, or Java.
  • Experience with DAST tools (e.g., Burp Suite, OWASP Zap) and SAST/SCA tools (e.g., Snyk, Veracode).
  • Strong understanding of SDLC and agile methodologies.
  • Experience testing REST and GraphQL APIs.
  • Demonstrated experience with development tools including GitLab/GitHub, Datadog, Jira, and Docker.

Nice to have

  • Experience in the financial sector or heavily audited industries.
  • Experience with AWS services (WAF, Cognito).
  • Knowledge of Infrastructure as Code, Kubernetes, and container security.
  • Experience with auth mechanisms like Open ID Connect and OAuth.

Culture & Benefits

  • Vibrant culture with a focus on innovation and client success.
  • Commitment to continuous learning and professional development.
  • Opportunity to work within one of the world's largest financial institutions.
  • Collaborative team environment focused on defying industry expectations.

Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →