Sec Ops Engineer

Contract Type: Permanent

Location: Hybrid - a minimum of 20% in the office per month 

About us

We’re Nominet, a world-leading domain name registry operating at the heart of the UK internet. While we're best known for running UK domains, we also help protect public services from cyber threats.
As a public benefit company, our work has a positive impact on society. We’ve donated millions to projects that use technology to improve people’s lives and have committed to delivering £60m worth of support over the next three years. We’re also already a Carbon Neutral company and we’re committed to helping the UK reach Net Zero by 2050.

About the role

This role will support the delivery of security engineering across both internal and external infrastructure and services. Key responsibilities include

• Implement security best practices across the application and infrastructure lifecycle

• Define and maintain security testing processes for in-scope applications and services

• Manage identified vulnerabilities through to remediation, in collaboration with relevant teams

• Provide expert advice and guidance on secure software and infrastructure development to engineering teams

About you and your experience

• 5 years’ experience working within a software security and development role 

• CEH, CompTIA Security+, CKA, CKS, or equivalent 

• Experience in managing and defining security in the software development lifecycle (SDLC). 

• Knowledge on PaaS or containerised deployment architectures such as Kubernetes, Docker, EKS, etc). 

• Passion for Infrastructure Security, Agile Development, and DevSecOps.  

• Software development, Waterfall, Agile methodologies such as Scrum or Kanban, and with a DevOps mindset. . 

• Experience managing Endpoint Detection services such as SentinelOne, zScaler, or Crowdstrike. 

• Experience in conducting security checks, such as SAST, DAST, and SCA with Snyk, OWASP ZAP, BurpSuite tools, vulnerability analysis in applications and penetration tests skills. Experience with OWASP Testing Guide v3 / 4 and OWASP TOP 10. 

• Knowledge of CI/CD and management technologies such as Teamcity, Argo, Helm, Artifactory.  

Interview process

1st stage: Introduction call with a member of the TA team (30 mins) 

2nd stage: Hiring manager interview (60 mins)

3rd stage: Take-home task

4th stage: Values interview with CISO (45-60 mins)

What we offer

The opportunity to make a significant impact on internet safety in the UK. 

• A leadership role, leading key strategic priorities, in an organisation committed to public benefit. 

• Collaborative environment with support for professional development. 

• Opportunity to represent Nominet at industry events and conferences. 

• 30 days annual leave plus bank holidays, with the ability to purchase an additional 5 days

• 12pm finish on Fridays, 4.5 day working week
• Bupa private healthcare + Employee Assistance Programme
• Electric vehicle scheme with free on-site charging points
• MediCash discounts on routine healthcare including optical, dental and much more
• Rewards platform with access to discounts at hundreds of shops, restaurants etc.

Please note, all roles working for Nominet will be subject to a Baseline Personnel Security Standard (BPSS) check. Some roles will require additional security clearance due to the nature of their work.  Nominet is also unable to offer Visa Support in any capacity.

We’re proud to be an Equal Opportunity Employer, and we’re committed to building an inclusive, diverse community that celebrates and welcomes everyone.
If there are any adjustments we could make to the recruitment and selection process to support you, please let us know.