Security Specialist

  • Job Reference: R-00230674-OTHLOC-GBR-5FEDI034
  • Date Posted: 29 March 2024
  • Employer: NatWest Group
  • Website:
  • Location: Edinburgh
  • Salary: On Application
  • Sector: I.T. & Communications
  • Job Type: Full Time

Job Description

Join us as a Security Specialist

  • This is a unique opportunity for someone with application security experience to join us
  • Take on a new challenge and use your specialist knowledge to support the wider bank in building and operating secure services that protect both colleagues and customers
  • You’ll act as a subject matter expert in a security related field, making sure that the security implications of the backlog are understood in the right way, building security early into design
  • You’ll be joining an exciting and fast-paced area of the bank, where you can expect great exposure both for you and your work

What you'll do

As a Security Specialist, you’ll work at a domain level to understand and ensure robust security is continuously considered and incorporated at every stage, programme increment and feature team delivery throughout the development lifecycle and through to support. You’ll be detecting and preventing security vulnerabilities at the earliest stages of development through automation and left shifting.

You’ll collaborate with feature teams and participate in story refinement, sprint planning and retrospective sessions, establishing a culture of innovation and strategic thinking that makes sure that the bank has knowledge of, and opportunities to exploit, the latest developments in your area of specialism. We’ll also look to you to create and guide engineering standards for mobile, API and microservice architected applications, while leveraging DevSecOps methodologies to adopt a proactive security posture.

You’ll also be:

  • Writing secure JVM based application code
  • Researching, developing and running security engineering toolsets to introduce advanced security automation
  • Using your technical abilities to guide engineering teams to adopt security practices in software design and development
  • Working within the information security community to integrate security tools to improve code quality
  • Making sure that decisions made are based on robust data, return on investment and value measures that demonstrate thoughtful and intelligent cost management
  • Encouraging the identification of ideas and driving the delivery of initiatives that will reduce cost and simplify the bank
  • Building and leveraging relationships with colleagues across the bank and third parties to make sure decisions made are commercially focused and create long term value for the bank

The skills you'll need

You’ll need experience and knowledge of technology security controls within the security technology specialism along with. hands on application security experience, and you’ll have worked in a DevSecOps environment. You’ll also be passionate about security and maintaining your knowledge of available and emerging security threats.

You’ll also demonstrate:

  • The ability to write technical issues in business terms
  • Development experience including mobile, API or microservices security
  • Hands on experience with programming languages such as Golang, Java or Kotlin
  • Experience with cloud technologies such as AWS, Google Cloud or Azure
  • Analytical and problem solving skills
  • Knowledge and experience of the legal and regulatory environment