Product Security Engineer | S3 | CISO

Unity Place - Milton Keynes, United Kingdom

Santander

Our purpose is to help people and businesses prosper. We strive to make all we do Simple, Personal and Fair.

Country: United Kingdom

Interested in part-time, job-share or flexible working? We want to talk to you!

Join our community.

We are seeking an experienced and detail-oriented Product Security Engineer to join our Product security team. In this role, you will be responsible for designing, implementing, and maintaining security measures to protect our applications throughout their lifecycle.

As an integral part of the development and security teams, you will work to identify vulnerabilities, integrate security into our SDLC, and provide technical expertise to ensure our applications meet the highest security standards.

The difference you’ll make:

  • Managing Secure Software Development Lifecycle (SDLC)
  • Delivering training and awareness programs to the Security Champions network on secure coding and application security best practices
  • Working closely with development teams to define and implement secure coding practices
  • Providing threat modelling and risk assessments for new and existing applications
  • Ensuring application security standards comply with relevant standards such as OWASP, PCI-DSS, GDPR, and NIST
  • Analysing vulnerabilities, prioritising risks, and guiding development teams in implementing remediation

What you’ll bring:

These are the essential requirements you need to be successful in this role:

  • Secure Software Development Lifecycle (SDLC)
  • Experience of operating in a regulated organization with a 3LoD (Line of Defence) model
  • Implement Application Security Framework
  • Integrate security tools and practices into the Software Development Lifecycle (SDLC)
  • Work closely with development teams to define and implement secure coding practices
  • Conduct threat modelling and risk assessments for new and existing applications

It would also be nice for you to have:

  • Understanding of web application security concepts, including OWASP Top 10 and CWE
  • Familiarity with DevSecOps practices and CI/CD pipeline integration
  • Proficiency in security tools like Contrast, Fortify or similar
  • Excellent communication and collaboration skills, with the ability to explain technical issues to non-technical stakeholders

What else you need to know:

This role is based in Milton Keynes.

We want our people to thrive at work and home, and also be able to deliver the best outcomes for our customers and to help each other develop. To support this, we offer site-based contracts with a hybrid working pattern and our expected level of attendance in an office is at least 12 days per month (pro-rata for part-time roles).

If you apply for this role in this location, it’s important you consider your travelling distance, time and cost from your home to the office location.

We’re happy to discuss specific working patterns and arrangements within this hybrid approach during the recruitment process.

If you’re interested in this role but with part time hours or a job-share we would still love to hear from you and discuss these.

Application process

If your application is successful, a member of our recruitment team will be in touch. We will arrange a short call with you to learn more about you and what you are looking for from your next career move, as well as answer any questions you have about working in the Santander tech team. If both sides agree, we will send your CV to the hiring manager to review. For this position, the interview process will be:

1st Stage – Technical Interview – this will be a 30-minute technical interview with one of the team.

2nd Stage – A one-hour formal interview where we will ask both technical and competency-based questions. This can be done virtually or face to face depending on your situation.

If there’s anything we can do in the recruitment process to help you achieve your best, please let us know.

Inclusion

At Santander we’re creating a thriving workplace where all colleagues feel they belong and are supported to succeed. We all help to make Santander a workplace that celebrates diversity and attracts, retains and develops the most talented and committed people through living our values of Simple, Personal, and Fair.


How we’ll reward you.

As well as a competitive salary, you’ll enjoy a benefits package that you can tailor to your needs.

  • Eligible for a discretionary performance-related annual bonus.
  • We put 8% of salary into your pension, even if you don’t contribute yourself. We’ll pay in up to 12.5% of salary, if you contribute as well, and you can take some of our contribution in cash if you prefer.
  • 30 days’ holiday plus bank holidays, which increases to 31 days after 5 years’ service, with the option to purchase up to 5 contractual days per year.
  • £6,000 car allowance per year.
  • Company funded individual private medical insurance.
  • Voluntary healthcare benefits at discounted rates such as private medical insurance for your family, dental insurance, and health assessments.
  • Protection for you and your family, with company-funded death-in-service benefit and income protection insurance, and the option to take advantage of discounted rates for additional life assurance and critical illness cover.
  • Share in Santander’s success by saving or investing in our share plans. 
  • As a Santander UK employee, you are able to request staff versions of our products like our Edge Current Accounts and Credit Cards with no fees, as well as apply to many other deals and discounts in Santander products and services.

What to do next:

If this sounds like a role you’re interested in, then please apply.

If there’s anything we can do in the recruitment process to help you achieve your best, get in touch. Whether it’s a copy of our application form in another format or additional assistance, we’re available through telephone, email, or face to face. You can contact us at resourcing@santander.co.uk or call 0870 414 9080.

Tags: Application security CI/CD CISO DevSecOps GDPR NIST OWASP Product security Risk assessment S3 SDLC Vulnerabilities

Perks/benefits: Career development Competitive pay Flex hours Health care Salary bonus Team events

Region: Europe
Country: United Kingdom