Web development

Security engineer

Permanent — full time

About the role

Storm ID is an award-winning digital transformation consultancy, with clients spanning the public sector, healthcare, and financial services. 

In a world that is more reliant than ever on digital, we help our clients transform processes and experiences, re-imagine their business models and even entire companies. The work we do requires our solutions to be developed with a high standard of security by design and by default. 

As a security engineer, you will ideally have a strong Cyber Security background and have experience working with cloud first solutions in Azure. 

About you

You will:  

  • have a well-informed understanding of security principles, best practices architectures, tools, and processes
  • be able to bridge the gap between the technical and non-technical and translate technical concepts so they are understood by clients/Storm ID colleagues within documentation, conversation, and presentations
  • be an analytical thinker with the ability to quickly absorb new information and identify key issues
  • have demonstrable hands-on experience / deep understanding of cloud native networking, configuration, and data security 
  • be passionate about improving the security posture of solutions delivered for clients and their end users 
  • be enthusiastic about supporting the growth of security as a specialism within Storm ID
  • have the ability to work to tight deadlines, in a commercial consulting environment
  • be open to learning from others and offering your support when needed 

Ideally, you will also have 

  • CISM, SANS, OSCP certifications 
  • MS Azure Security Engineer Associate certification 
  • experience working with scripting languages such as PowerShell 
  • working knowledge of .Net web application technologies 

What you'll do

You’ll have a wide range of responsibilities and opportunities to learn. Core responsibilities will include: 

  • work with the Technical Director on the definition and documentation of security baselines for application and infrastructure security 
  • take part in engagements with variety of clients from senior level to development teams to elicit and interpret security needs  
  • review client security requirements and identify issues, risks, constraints, and opportunities  
  • assess and research security technology options available for a variety of situations and constraints with input as needed from developers and infrastructure engineers
  • support technical leads in creation of target technical architectures by providing security requirements and wider security considerations 
  • develop a deep understanding of Storm ID development technologies and methodologies
  • carry out security reviews of production infrastructure
  • maintain a vulnerability database to document the findings of third-party penetration tests along with remediations and mitigations  
  • collaborate with members of the testing team on their security testing 
  • lead on our application vulnerability management processes
  • contribute to the attainment of security related certifications and accreditations

Storm ID staff are working fully remotely for the moment in accordance with Scottish Government advice. You will be provided with a laptop and any other tools you need to enable you to interact with clients and colleagues. You’ll be supported by an active and engaged Storm community on Slack and Teams. 

You’ll be able to meet key members of each team through an online induction programme and the wider team through virtual coffees/donuts. In more normal circumstances you’ll be working from our lovely offices in Leith, and meeting clients across Scotland and further afield. 

Benefits

What's in it for you? Check out our benefits package to find out.

Apply

If you think this is for you, we’d love to hear from you.

Just use the form to send us a copy of your CV with a covering letter telling us why you'd like to work at Storm. Let us know which of your achievements you're particularly proud of and why you think you're right for the role.

To find out what happens next, check out our recruitment process.

How we use your information

I consent to providing the information in this form. This information will be used for recruitment purposes only. It will be stored in Storm ID systems, including People HR, for the duration of the recruitment cycle for the role I am applying for. After this any information or correspondence I have sent will be deleted from Storm ID systems.

Thank you for applying!
You have already applied for this vacancy!

At Storm we believe in equal opportunities

We know that a diverse workforce brings with it diverse ways of thinking, fresh perspectives, and new approaches to solving problems — benefitting our employees and our clients. Storm is proud to be an equal opportunities employer and we welcome applications from everyone.