Product Security Engineer
Hybrid
London, United Kingdom
£ 1,200 / day
Freelance
17-03-2025
Job Specifications
Product Security Engineer
Contract Details
Client: Global investment manager
Rate: Up to £1200/day
Duration: 6 months rolling
Location: London
Job Description
Responsibilities:
Support the implementation of security controls and processes for product security, focusing on a broad range of systems, including core trading infrastructure, cloud services, and business applications across both Windows and Linux environments.
Collaborate with engineering and product teams to integrate security into product design and development, applying your experience in securing large-scale software systems in a fast-moving environment.
Contribute to the development and maintenance of a secure software development lifecycle (SDLC) with a focus on secure coding practices in languages like Python, C++, Rust, Go and Kotlin/Java.
Conduct threat modeling, vulnerability assessments and security code reviews across different platforms, ensuring security is embedded at every stage of the development lifecycle.
Provide mentorship, guidance, and training on security best practices and secure development processes to engineering teams working in mixed cloud and operating systems environments.
Perform vendor security reviews to assess third-party security practices and ensure compliance with our standards.
Integration of security scanning tools (SAST, DAST, etc.) into CI/CD pipelines and runtime environments to ensure continuous security monitoring and threat detection across Alibaba Cloud, AWS, Azure, and on-prem systems.
Proactively identify security risks and develop strategies for risk mitigation in a fast-paced high-stakes environment.
Crypto/DeFI and Smart Contracts experience will be a good advantage.
Requirements:
At least 7 years of experience in product security or similar roles with significant practical experience in securing software development at scale.
Proven record of accomplishment in secure coding practices and development experience in development languages such as Python, C++, Rust, Go and Kotlin/Java.
Strong technical background in software development, system architecture and security tools.
Strong understanding of security principles, techniques and technologies related to software and product security, cloud platforms and business applications. Knowledge of low-latency financial systems would be an advantage.
Experience working with and securing both Windows and Linux-based systems.
Extensive experience with one or more cloud platforms such as AWS, Microsoft Azure and Alibaba Cloud used in a hybrid environment.
In-depth knowledge of threat modeling, risk assessment and development of mitigation strategies for large-scale, complex systems in a fast-paced environment.
Experience integrating security scanning tools into CI/CD pipelines and runtime environments.
Experience conducting vendor security reviews and managing third-party security assessments.
Excellent leadership, problem-solving, communication and adaptability skills, suited for a senior-level position in a fast-paced environment.
About the Company
Caspian One are an international professional services company. We solve technology-driven, resource-based and project-delivery challenges that demand speed, scale and commercial flexibility. Empowering individuals and organisations to optimise their full potential. Put simply – we deploy specialist resources and niche technology teams to deliver projects in ways that best suit the needs of our clients. These SMEs are working to decommission, migrate, build, and implement tech that gives our clients the competitive edge. ... Know more
Related Jobs
- Company Name
- Smartedge Solutions
- Job Title
- IDAM Security Consultant/ Architect
- Job Description
- Job Description : Identity & Access Management: Provide expert advice and guidance on IDAM/PAM strategies, solutions, and best practices. Assess and evaluate client IDAM/PAM environments, identifying risks and opportunities for improvement. Ensure that IDAM/PAM solutions are implemented in accordance with relevant standards and regulations. Advise clients on the application and operation of IDAM/PAM technologies, including policy management, fraud and risk management, and access governance. Develop and present IDAM/PAM roadmaps and strategic recommendations. Lead workshops and discussions with clients to define and refine IDAM/PAM requirements. Oversee the quality of IDAM/PAM solution designs and implementations. Mentor and guide junior consultants on IDAM/PAM best practices. Technical Security Architecture: Assist in the development of secure architectural designs, applying established security architecture frameworks and methodologies. Contribute to the evaluation of existing architectures, identifying security vulnerabilities and recommending improvements. Support the documentation of security architecture designs, specifications, and risk assessments. Conduct threat modelling exercises to identify potential security threats and vulnerabilities, following established methodologies. Perform risk assessments to evaluate the impact and likelihood of identified threats, applying established risk assessment frameworks. Assist in the development of risk mitigation strategies and security controls. Assist in the creation of security implementation plans, integrating security controls into the overall architecture. Apply established security standards and compliance requirements within architectural designs. Client Engagement and Communication: Build and maintain strong relationships with clients, acting as a trusted advisor. Communicate complex technical information clearly and concisely to both technical and non-technical audiences. Prepare and deliver presentations and reports to clients and stakeholders. Lead client workshops and discussions. Work to gather client requirements. 5+ Years experience in a Cyber/Information Security Role. Hold a relevant Security Certifications (e.g., CISSP, CISM). Extensive experience in IDAM/PAM consulting, with a proven track record of delivering successful solutions. Deep understanding of IDAM/PAM technologies (including Microsoft AD, Key Vault, Entra, AWS IAM, Google Cloud Identify, Okta, SailPoint, CyberArk, AuthO, and Ping Identity), standards, and best practices. Good understanding of the concepts of "Secure by Design" and "Zero Trust" within implemented solutions. Strong analytical and problem-solving skills, with the ability to assess complex situations and develop effective solutions. Excellent communication and presentation skills, with the ability to influence and persuade stakeholders. Experience in developing and presenting IDAM/PAM roadmaps and strategic recommendations. Experience with general architecture principals.
- Company Name
- Focus on SAP
- Job Title
- Network LAN Engineer
- Job Description
- Position: Network LAN Engineer Employment Type: Contract, Full time Start: ASAP Location: London - Hybrid Languages: English Role – We are seeking a highly skilled Network LAN Engineer to join our dynamic client’s IT team. In this role, you will be responsible for the design, implementation, and maintenance of our Local Area Network (LAN) infrastructure, ensuring optimal network performance, security, and availability across the organization. Key skills: 5+ years of experience in LAN engineering or similar networking roles Strong knowledge of networking protocols (TCP/IP, DNS, DHCP, VLANs, etc.) Experience with enterprise-grade switches, routers, and firewalls (Cisco, HP, Juniper, etc.) Hands experience with Arista cloud and products - Essential to have. Familiarity with network monitoring tools (SolarWinds, Wireshark, etc.) Solid understanding of LAN design principles and best practices Consulting background is a plus. Strong communication skills (oral & written) Rights to work in the UK is must (No Sponsorship available) Responsibilities: Design, install, configure, and maintain LAN infrastructure (switches, routers, access points, etc.) Monitor network performance and troubleshoot issues to ensure high levels of availability and security Perform routine network maintenance and system upgrades including service packs, patches, hot fixes, and security configurations Collaborate with cross-functional teams to support network needs for new projects, applications, and expansions Maintain detailed documentation of network configurations, assets, and protocols Implement and enforce network security policies, procedures, and technologies Provide technical support and guidance to IT support staff and end users as needed Should you be interested in being considered for this position and would like to discuss further. Please apply with your latest CV or share your CV directly with me at christophe.ramen@focusonsap.org
- Company Name
- TalentHawk
- Job Title
- Information Security Consultant
- Job Description
- Information Security Consultant 6 Month Contract Opportunity with Opportunities for Longevity Key Responsibilities: Project Security consultant supporting Cyber and non-Cyber projects Providing guidance and input to business analysts, architects, and project managers to ensure solution designs and project deployments are aligned to security best practice and our clients policies and standards Support projects through formal tender process, feasibilities phases, design phases, implementation, and validation phases, including risk assessments Security Architecture and Design- Review of Design documents and standing member of Architecture Review Board and Technical Design Authority Be the Security touchpoint for Business Analysts and PMO projects. Produce in-flight project functional and non-functional security requirements and embed into existing processes. Assist with maturing processes Ensuring evidence of security assurance activities are collected and retained to support regulatory inspections and audits. Post-implementation / pre-go live auditing of initial requirements for cloud-based projects, checking agreed design proposals matched against delivered solutions. Providing support across all Security Team functions Proven experience in Risk Assessments Third-party Risk Management Broad experience in Security Technologies
- Company Name
- TechNET IT Recruitment Limited
- Job Title
- Security Architect
- Job Description
- Lead Security Architect - Contract Location: London, Manchester, or Bristol (Hybrid/Flexible Working) Duration: 9 months Clearance Required: Eligible for SC clearance or above Overview: We are partnering with a high-profile public sector digital team to support the hire of a Lead Security Architect. This team plays a critical role in safeguarding public-facing digital infrastructure and domain environments, working at scale to identify and mitigate cyber risk. This role sits within a specialist team focused on securing domain name spaces, digital services, and infrastructure across the public sector landscape. Key Responsibilities: Conduct risk-based analysis and assessment of cyber vulnerabilities across a diverse digital estate. Translate technical findings into clear, actionable guidance for both technical and non-technical stakeholders. Lead stakeholder engagement efforts to support the resolution of identified cyber vulnerabilities. Build and nurture effective working relationships across the wider public sector. Collaborate with government cyber coordination teams to drive a unified approach to cyber defence. Continuously improve internal processes and tooling to enhance threat monitoring and incident response. Mentor and upskill team members to help scale architectural capability. Drive Secure by Design principles and shape architectural standards across platforms and services. Core Skills & Experience: Proven experience in secure system design, architecture, and cyber resilience. Strong knowledge of current cyber threats, vulnerabilities, and mitigation strategies (including OWASP). Expertise across infrastructure, network, application, and cloud security architecture. Excellent stakeholder engagement skills – able to influence, guide, and advise senior leaders. Familiarity with security tooling, patterns, and the broader cybersecurity product landscape. Strong written communication skills – capable of creating actionable and accessible technical content. Experience delivering knowledge transfer and training to internal teams.