Security Engineer

Location UK / Belfast

Job Type Permanent full-time, TemporaryContract

Salary Not disclosed

Updated 15 hours ago

Reference 1377230

 Job Description

Security Engineer – MicroServices Framework Although not a household name, State Street is one of the world’s largest and most important financial services institutions, providing round-the-clock services to the global investment community. We touch $33 trillion in assets every day, and are ...

Security Engineer – MicroServices Framework

Although not a household name, State Street is one of the world’s largest and most important financial services institutions, providing round-the-clock services to the global investment community. We touch $33 trillion in assets every day, and are the world’s third largest investment manager with over $2.8 trillion in assets under management. To do this we manage as much data as one of the internet giants on nearly as large a technical footprint.

In January 2018, we launched one of the industry’s largest technical transformation projects, in effect building a new bank from the ground up. This project isn’t greenfield in the way most banks claim projects are; we’ve started with a blank sheet of paper both operationally and technically. We’re using the same technologies that Silicon Valley giants are using: aggressive use of multiple public clouds, building our own private cloud to achieve even better performance, pushing out microservices into what will be one of the largest Kubernetes installations in the world, leveraging immutable storage to process and store hundreds of terabytes of data a day, transforming our industry through application of distributed ledger technology and cognitive computing, aggressively participating in open source communities driving our systems.

This isn’t a traditional banking role. This is a chance to push your technical skills with people more comfortable in a technology firm than an investment bank, but solving real problems that affect anyone with any form of savings worldwide (not just trying to get people to click on ads). We don’t expect you to wear a suit, we don’t expect you to not be able to tell your friends what you’re working on, we don’t expect you to sit in meetings 5 hours a day.

Although you will work with a global and remote team, our security epicenter is Belfast and this role is only open to candidates in our Belfast engineering office.

This Team

This role is for the technology team that is in charge of our microservices framework. We consider this, with our Unified Data Architecture, to serve as the application operating system for State Street, and covers everything that an application devops team would work with on a daily basis:

  • We provide “kubectl as a service” across public and private clouds
  • We manage everything else in our common Kubernetes infrastructure, including package management (e.g. Helm), networking (e.g. Calico), service mesh (e.g. Istio, Conduit)
  • We provide standard infrastructure for both telemetry and log management, all the way through to application tracing and dashboards
  • We provide standard CI/CD infrastructure
  • We develop application archetypes and training materials and actively assist in helping application developers make the best use of this infrastructure
  • We set policy and provide infrastructure for our new style of working, treating a Mac in a Starbucks the same as a desktop in a State Street office
  • We are a geographically distributed team, including with fully remote workers
  • We do all this in a true devops fashion with agile infrastructure and a follow-the-sun mandate

This Role

We are looking for enthusiastic and curious security practitioners with a slant in automation and scripting, working in everything from appsec to network security engineering, across our different infrastructure and technology development streams.

  • You will work along side infrastructure, operations and development teams to secure the entire development and operational lifecycle
  • You will work with other members of the security engineering team to design tools and processes that support a devops approach to communication and collaboration
  • You will work with other members of your team to investigate and formulate processes and methodologies for securing cloud-native infrastructure and applications in a highly regulated environment
  • You will support a follow-the-sun operations approach working with colleagues across three continents
  • If from a SOC/operational role, experience in one or several of vulnerability management, incident response, digital forensics, malware analysis, security orchestration, SAST, DAST, IDS/IPS, firewalls/switches and SIEM
  • If from a design/architecture role, experience in some of virtualised/physical systems, securing public cloud & cloud-native infrastructure and applications, API security, Identity Management and Single Sign On, network segmentation, OS hardening, container security, or threat modelling
  • Understanding of cloud-native architecture, including containers and orchestration
  • Appreciation of security challenges facing multi-cloud and private cloud deployments
  • Understanding of web and network protocols and common attacker techniques
  • Appreciation of cyber threat intelligence (CTI), with experience or insight into integrating CTI into security infrastructure.
  • You will work in a truly agile way, all the way down to using agile infrastructure techniques to deploy and update security apparatus
  • You will interact with your peers across the transformation effort across all teams to ensure that best practices are followed throughout the organization
  • You will help mentor more junior colleagues, including fresh college graduates

As we’re hiring very rapidly for the right candidates, if you have experience or interest in any of the technologies we work with, we’d love to hear from you!

Requirements

Successful candidates will:

  • Having worked in an Security engineering type of role before, this doesn’t have to come from working for a large firm, you just have to have experience in working on production-grade systems over time.
  • A degree in computer science or equivalent experience acquired on the job.
  • Experience in working on an Open Source project a definite plus
  • Good English language skills
  • Appreciate the value diversity (in all its forms) brings to our team and company
  • Experience working in a financial services environment is not required or expected.