Security Engineer at Waters Corporation

Waters are looking to bring on board a Security Engineer within our Cloud Platform team based in Wilmslow. This role can either be based on-site here in Wilmslow or fully remote.

As a Security Engineer you will be supporting application teams on a daily basis with security expertise and helping to reduce the security technical debt, act as SME for the relevant security tooling in the CI/CD pipeline and work with the team to improve our existing capabilities.

You will be producing software that is used by people worldwide for specialist measurement and scientific analysis. Your main responsibilities would include:

  • Provide subject-matter expertise on detecting and resolving code security defects
  • Maintain, improve and implement security tooling in the CI/CD pipeline and develop secure coding best practices
  • Enable and support Security Champions and proactively identify knowledge gaps in development teams
  • Lead the adoption of secure by design software components by development teams
  • Participate in and support security feature reviews and threat modelling
  • Develop scripts and tooling to shift left common security tasks to DevSecOps
  • Develop automation and guidance to resolve common security problems
  • Assist product owners to make risk informed decisions on existing vulnerabilities
  • Help develop security training and guidance for development teams.

We would love to hear from you if you have:

  • Strong experience in a Software Engineering role
  • Knowledge of common security controls frameworks (CIS, NIST, OWASP) and application security best practices
  • Understanding of secure software development lifecycle and how to align security controls to different stages
  • Ability to discover and remediate common security issues above and beyond OWASP Top 10
  • Experience in various programming languages and with a scripting language like Ruby or Python
  • Extensive experience with static and dynamic analysis and common security tooling