Lead Security Engineer

Job Title: Lead Security Engineer
Location: Glasgow
Salary: £65-82K (up to 20% bonus, family health cover, and car allowance)
Flexible Working Pattern, Hybrid (2-3 days in the office)

Help us create a better future, quicker

As a Lead Security Engineer within the Digital team, you’ll lead the security engineering of the Digital team’s cloud platform and applications, working closely with the BISO, stakeholders, application development teams, and IT to identify opportunities. These include changes such as business, security, and technology improvements that will further support the growth of the Energy Customer business plan. Additionally, you will lead the technical delivery of large projects, managing the delivery team, security backlog, and associated risks/issues.

What you’ll be doing

A key pillar of the role is owning the delivery of strategic security projects, resourcing, and managing timelines and budget. You’ll work with security technologies and controls required for internet-facing applications, working effectively with different teams, including software engineers. The Lead Security Engineer will define the vision for the security technology roadmap, enhancing security standards and best practices, and ensuring a high standard of documentation is in place. You’ll integrate security testing, monitoring & alerting, runbooks, and assessment of risks into the software development lifecycle (DevSecOps). There will be the opportunity to track key security metrics, supporting the BISO and Digital Operations Lead with any potential security issues relating to the Digital applications, cloud platform, and third-party suppliers, including remediation of vulnerabilities found during pen tests/vulnerability scans. Other aspects of the role include:

• Ensuring an effective patching strategy is in place

• Maintaining an inventory of Digital's assets; understanding the criticality, relevant threats, and controls in place for each.

• Deputising in the Head of Technology's absence

What you’ll bring:
You will have experience with engineering and leadership of technical projects, pen tests/vulnerability scans, and supporting remediation efforts.

• Experience of software development

• DevSecOps experience

• Good knowledge of cloud architectures

• Experience of source control tools (Git), security testing tools (e.g., Snyk for static analysis), and writing security tests

What’s in it for you

As well as a competitive salary which is reviewed annually, you can also enjoy a number of other benefits. With our pension scheme, we’ll double match your contribution up to a company contribution of 10%.

At ScottishPower, we believe it’s the little things we do in life that make a big difference. From helping you look after your family’s wellbeing, save for your future and take personal steps for climate action – our benefits are designed to help you do just that -  so that you have everything you need to take care of your world – today and tomorrow. That’s why our benefits include:

• 36 days annual leave

• Holiday purchase – perfect your work/life balance with extra annual leave

• Share Incentive Plan and Sharesave Scheme

• Payroll giving and charity matched funding

• Technology Vouchers – save more and spread the cost of your technology purposes

• Count us in – pledge to reduce carbon emissions and help fight climate change

• Electric Vehicle Schemes – to help you transition to green/clean driving

• Cycle to Work scheme and public transport season ticket loans

• Options to purchase dental insurance, private medical insurance, health cash plan and annual health assessments

• Life Assurance (4x salary)

• Access to ‘nudge’ financial wellbeing support

• Plus shopping, leisure, restaurant and gym discounts, and unique employee deals on travel insurance and more

Why ScottishPower

ScottishPower is part of the Iberdrola Group, one of the world’s largest integrated utility companies and a world leader in wind energy. With a commitment to generate all of our energy from renewable resources and a drive to create the energy infrastructure of the future, we’re at the forefront of the journey to Net Zero and investing over £6m every working day to make this happen. With diverse opportunities across our businesses and a commitment to invest in our own internal talent, ScottishPower can offer people real career opportunities that meet personal and professional goals, in a global organisation

Inclusion, diversity, and a social purpose are at the heart of everything we do. Together with our values, they bring us together into a stronger, more sustainable business with direct links to the communities we serve. It takes all kinds of people to build a large-scale business like ours, so whatever your background, you’ll fit right in.

ScottishPower is committed to providing reasonable support or adjustments in our recruiting processes for candidates with disabilities, long term conditions, mental health conditions, or who are neurodivergent or require pregnancy-related support.

Mobility

Please note that any applicant who is not a citizen of the country of the vacancy will be subject to compliance with the applicable immigration requirements to legally work in that country. If/when required, the Company will support the employee with the necessary Immigration requirements.

IMPORTANT 

Advert will close at 23:59 GMT the day before Job Posting End Date below