Our Principal Security Engineers enable public sector organisations to mitigate cyber and information security risks across an increasingly complex and threatened mix of technology-enabled services. They provide senior security leadership and support to our clients and teams, build and manage key relationships with clients, manage security and risk across one or more accounts, and support sales.
At Made Tech we want to positively impact the future of the country by using technology to improve society, for everyone. We want to empower the public sector to deliver and continuously improve digital services that are user-centric, data-driven and freed from legacy technology. Underpinning this is a need for us to do this securely, handling public data safely, and defending against increasing cyber and information security risks.
As a Principal Security Engineer you will work closely with our clients’ senior leadership to help inform their security strategy and to make sure our teams are delivering secure digital services and cloud-based platforms, aligned to our clients’ risk tolerance. Working alongside delivery, client and other capability principals, you will help shape account plans and be responsible for delivering against them.
Working with Made Tech's leadership you will make sure our work with customers is aligned to our growth goals and you will play a pivotal role in identifying new opportunities and winning work. Running bid teams, supporting sales teams and developing new business is critical to this role.
You’ll need to have a drive to deliver outcomes for users and have a desire to mentor teams. You will coach and support Lead Security Engineers to steer their teams towards success. You will also be responsible for hiring and line managing Lead Security Engineers.
While this is not a hands-on coding technical role, the importance of credibility in internet-era approaches to digital, data and technology in the public sector cannot be understated. You will be expected to maintain a broad technical knowledge of modern cyber security practices, be able to shape security strategy and roadmaps, and hold others to account for technical quality.
As a security leader within Made Tech you will be expected to maintain and grow your professional network. You will be expected to contribute to thought leadership, content and events and should have a proven track record of doing so.
We look for the following skills and experience. But when we’re hiring for this role, if you don’t have some of the skills and experience listed below, don’t let that stop you from applying!
- Working directly with customers
- Working within a technology consultancy
- Developing a cyber and information security capability or function
- Shaping cyber and information security strategy and managing continuous risk reduction across an organisation, portfolio and/or multiple programmes
- End-to-end security involvement, including governance, risk and compliance, operational security, supply chain security and secure user management
- Identifying security issues in existing system designs, digital services (products) and platforms, including recommending mitigations that balance cost, risk and usability
- Strong understanding of integrating security as part of a multidisciplinary approach to delivering digital services (products) and platforms utilising a DevSecOps approach and enabling Continuous Security as part of wider CI/CD tools and practices
- Up-to-date understanding of, and ensuring compliance to, security standards and regulations including GDS Technology Code of Practice, NCSC Cyber Principles, ISO27001, SoC, NIST, PCI, and GDPR
- Up-to-date understanding of testing the security of software and infrastructure using appropriate security tools including automated cloud-based tooling
- Up-to-date understanding of network security (e.g. OSI, TCP/IP), web application security (e.g. OWASP) and cryptographic controls (e.g. PKI, TLS)
- Up-to-date understanding of identity management and authentication/authorisation products and patterns
- Evidence of self-development – we value keen learners
- Empathy and people skills
Experience in the following things isn’t essential, but it’s highly desirable!
- Leadership of a cyber and information security capability or function
- A relevant cyber and information security qualification (one of: CISSP, SSCP, CISM, CRISC, CAP, CPP, GCHQ-certified Master’s degree in cyber security, or a PhD that is relevant to cyber security)
- Penetration testing qualifications (OSCP, CREST, TIGER or equivalent)
- Working within bid teams to win contracts exceeding value of £1m
- Working with multidisciplinary digital and technology teams
- Working within the public sector
- Experience in hiring, forming and running teams
Take a look at the Benefits & Perks section of the Made Tech Handbook to see what we can offer you.
We mainly work remotely but you may need to visit clients or go to the office occasionally. We have offices in London, Bristol, Manchester, and Swansea.
The salary for this role is location dependant:
- UK: £85,000 - £135,000
- London & South East: £89,250 - £141,750
When we’re hiring for this role, you can see the details and apply at www.madetech.com/careers. If you have any questions about the role please email us at [email protected]. We’re happy to help!