7 joburi disponibile

*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a strong Application Security Engineer. Candidate will work closely with other members of the Security Services, IT Development Teams, and Development teams to support application and software security initiatives, projects, and operations. Responsibilities: Application Security/Secure SDLC Build and optimize our security tooling stack, including SAST, DAST, SCA, and IaC. Implement DevSecOps principles and integrate tools into CI/CD pipelines and developer workflows. Define and improve secure SDLC processes designing and implementing a developer friendly secure SDLC framework tailored to the delivery model. Automate security checks in CI/CD pipelines and developer tools to ensure continuous visibility and successful delivery. Build out process for threat modelling and secure design review process. Implement security for supply chain security, AI/ML application security, Open source etc. Review reports of the testing and conduct security risk assessments of the vulnerabilities. The use and maintenance of cloud and self-managed security scanning tools, manual source code reviews, and manual penetration assessments. Conduct IT/Security code review meetings to eliminate false positives and encourage collaboration between Security and IT development teams. Assist with application security vulnerability management including implementation of new vulnerability management tools. Debrief users and provide remediation strategy on findings. Ensure alignment of security controls in testing program and supporting services and related policies and procedures with applicable regulations and industry standard best practices. Perform ongoing reviews of application releases to ensure only secure and reviewed code is pushed to prod, with automation tasks as necessary. Develop scripts/automation to assist development teams with interpreting results from pipeline vulnerability verification reports to facilitate vulnerability remediation. Qualifications: Experience with CI/CD pipelines and software development/coding: Docker, Jenkins, GitHub, SVN, Terraform, and others. Exceptional analytical, problem solving and troubleshooting skills with the ability to exercise good judgment while developing creative solutions. Strong familiarity with enterprise technologies; strong technical background and understanding of security-related technologies; prefer operational experience as an administrator, engineer, or developer and direct experience testing in commercial cloud environments (AWS, Azure, Google Cloud Platform, IaaS/PaaS/SaaS). Good applicable knowledge of policy and procedure development, systems analysis, Information Assurance (IA) policy, vulnerability management, and risk management Good understanding of regulatory standards including CSF, NIST, PCI, SSAE 16, SAS 70, HIPPA, FIPS 199, COBIT 5 and others as needed. Strong knowledge of cryptography (symmetric, asymmetric, hashing) and its various applications. Strong knowledge of common enterprise infrastructure technology stacks and network configurations. Exhibit ability to understand and modify code in a diverse range of programming languages and frameworks; must have direct practical experience with one or more high level programming languages. Technical Skills: Deep knowledge of common web, API and cloud vulnerabilities (eg OWASP Top 10, CWE, auth flaws etc.). Deep understanding of vulnerabilities, reachability, exploitability and how they affect applications. Familiarity with secure coding principles across multiple languages (eg python, Java, JavaScript etc.). Knowledge of how security fits into platform engineering and cloud native stacks. Deep understanding of application layer attacks and defense mechanisms (CCS, CSRF, SQLi, XXE, SSRF, broken access control etc.). Familiarity with API security (REST & GraphQL), Postman, OOWASP top 10). Proficiency with artifact repositories and implementing security controls around component ingestion. Knowledge of shift-left strategies and embedding controls early in the development life cycle. Familiarity with Kubernetes security, container scanning and cloud infrastructure as code. Ability to triage and prioritize vulnerabilities based on exploitability, impact and business context. Strong proficiency application security and vulnerability management. Strong experience with custom Scripting (python, C++, PowerShell, bash, etc.) and process automation. Some proficiency with common penetration testing tools (Kali, Armitage, Metasploit, Cobalt Strike, Nmap, Qualys, Nessus, Burp Suite, Wireshark etc.). Experience with Mainframes, Windows, Unix, MacOS, Cisco, platforms and controls. Experience with dedicated document management tools (eg, DMS, PolicyTech) a plus. Familiarity with application frameworks and their built-in security services and API s (ie, Sun J2EE, MS .NET, OMG CORBA, Spring, etc.). Knowledge of security architecture design and principles including confidentiality, integrity and availability. Knowledge of automated code scanning tools and development pipeline tools. Understanding of security concepts and practices, including those for authentication, authorization, access control and auditing as well as best practices (eg OWASP). Familiarity with application authentication and authorization systems (ie, CA SiteMinder, RSA SecurID/ACE, Active Directory, and LDAP). Fundamental understanding of network and data communications technologies Knowledge of (AWS, Azure, Google Cloud Platform) Cloud security concepts, best practices, and environments. Knowledge of Secure DevOps concepts. Education and/or Experience: BS in Computer Science, Information Management, Information Security or other comparable technical degree from an accredited college/university desired. 5+ Years experience in Application Security or Information Security environment. Experience writing scripts and working with containers in a CI/CD pipeline. Exposure to security architecture design through application development or knowledge of security concepts/best practices. Certificates or Licenses: Security-related certifications (CISSP, CISA, CRISK, ISSAP, GSLC, OSCP, OSCE, GPEN, or GXPN, etc.) highly desired. Professional network and/or security certifications a plus (ie, GIAC, CISSP, CISA, CISM, CRISC) Cloud security automation certifications a plus (ie GCSA) Penetration testing certifications a plus (ie OSCP, GWAPT)

*This is a 5 day onsite role each week* *We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Enterprise Company is currently seeking a Java Developer with Android Application Modernization. Candidate will lead the efforts in modernizing and optimizing our Android based POS application. In this role, you will work closely with cross-functional teams to migrate and decompose a monolithic application to a microservices-based architecture, improving scalability, performance, and agility. Your expertise will guide the transformation of our POS application, ensuring seamless integration, cloud-native capabilities, and long-term sustainability. The initial phases will require discovery to determine the right long term approach and strategy and overall estimation of the work. Responsibilities: Lead the design and implementation of microservices architecture. Assess and analyze existing monolithic application to identify opportunities for modularization into microservices. Develop, test, and deploy microservices with a focus on scalability, maintainability, and performance. Collaborate with development, operations, and architecture teams to ensure smooth integration of microservices with existing systems. Implement cloud-native technologies and tools, including containerization (Docker, Kubernetes) and CI/CD pipelines, to enhance deployment and management of microservices. Provide guidance on best practices for microservices, including API design, security, and data management. Ensure that microservices are well-documented, easily consumable, and meet business and technical requirements. Collaborate with DevOps teams to streamline and automate processes for application life cycle management. Stay up-to-date with emerging trends and technologies related to microservices, and containerization. Qualifications: Strong programming skills in Android. Proven experience in microservices architecture and modernizing Legacy systems. Strong understanding of cloud platforms such as AWS, Azure, or Google Cloud. Proficiency with containerization and orchestration technologies (Docker, Kubernetes). Experience with API development and design (REST, gRPC). Familiarity with service discovery, monitoring, logging, and tracing (eg, Prometheus, Open Telemetry). Strong programming skills in languages such as Java, Go, or Node.js. Knowledge of CI/CD practices and tools (Github Actions) Experience with distributed databases and messaging systems (eg, Kafka). Knowledge of Service Mesh (eg Linkerd) Strong problem-solving and analytical skills with the ability to work in a fast-paced environment. Excellent communication skills and the ability to work collaboratively across teams.

*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a Director of Software Development with strong Java and Kafka experience. Candidate will be responsible for leading a team of skilled software engineers designing and delivering scalable and resilient hybrid and Cloud-based applications and data solutions supporting critical financial market clearing and risk activities; helping to drive the strategy of transforming the enterprise into a data-driven organization; lead through innovative strategic thinking in building data solutions. Responsibilities: Manage, lead, and mentor software development team Serve as technical product owner flushing out detailed business, architectural, and design requirements Develop solutions to complex technical challenges while coding, testing, troubleshooting and documenting the systems you and your team develop Recommend architectural changes and new technologies and tools that improve the efficiency and quality of OCC's systems and development processes Lead the efforts to optimize application performance and resilience though analysis, code refactoring, and systems tuning Collaborate with others to deliver complex projects involving the integration with multiple systems Work closely with internal and external business and technology partners. Build and manage a team of skilled software engineers Qualifications: 8+ years of experience leading software development teams Experience with Java Experience with distributed message brokers like Flink, Spark, Kafka Streams, etc. Experience with Agile development processes for enterprise software solutions Experience with software testing methodologies and automated testing frameworks Strong leadership skills Ability to manage project teams with different timelines and focus Knowledge of industry trends, best practices, and change management Strong communication skills with ability to communicate and interact with engineers and business stakeholders Team player, self-driven, motivated, and able to work under pressure Technical Skills: 8-10 years of experience in building high performance, large scale data solutions Experience managing a team of professionals to drive their work, providing mentoring for growth, and delivering constructive feedback or course correction where necessary 8+ years of solutions design and architecture experience Hands-on development experience with multiple programming languages such as Python and Java Experience with Big Data processing technologies and frameworks such as Presto, Hadoop, MapReduce, and Spark Hands-on experiences designing and implementing RESTful APIs Knowledge and understanding of DevOps tools and technologies such as Terraform, Git, Jenkins, Docker, Harness, NexArtifactory, and CI/CD pipelines Knowledge of SQL, data warehousing design concepts, various data management systems (structured and semi structured) and integrating with various database technologies (Relational, NoSQL) Experience working with Cloud ecosystems (AWS, Azure, Google Cloud Platform) Experience with stream processing technologies and frameworks such as Kafka, Spark Streaming, Flink Familiarity with monitoring related tools and frameworks like Splunk, Elasticsearch, SignalFX, and AppDynamics Good understanding of data integrations patterns, technologies, and tools Education/Certification: BS degree in Computer Science, similar technical field, or equivalent practical experience. Master's degree preferred OCP Java Programmer Certification (preferred) AWS Certified Solutions Architect (preferred)

*Hybrid, 3 days onsite, 2 days remote* *We are unable to sponsor as this is a permanent Full time role* A prestigious company is looking for a Director, Java Software Engineering. This Director will lead a software development team working with Java, Python, Flink, Spark, Kafka, big data processing, DevOps tools, data warehousing/management, etc. Responsibilities: Manage, lead, build, and mentor software development team Serve as technical product owner flushing out detailed business, architectural, and design requirements Develop solutions to complex technical challenges while coding, testing, troubleshooting and documenting the systems you and your team develop Recommend architectural changes and new technologies and tools that improve the efficiency and quality of company systems and development processes Lead the efforts to optimize application performance and resilience though analysis, code refactoring, and systems tuning Qualifications: BS degree in Computer Science, similar technical field, or equivalent practical experience. Master's degree preferred 8-10 years of experience in building high performance, large scale data solutions Hands-on development experience with multiple programming languages such as Python and Java Experience with distributed message brokers like Flink, Spark, Kafka Streams, etc. Experience with Agile development processes for enterprise software solutions Experience with software testing methodologies and automated testing frameworks Experience with Big Data processing technologies and frameworks such as Presto, Hadoop, MapReduce, and Spark Hands-on experiences designing and implementing RESTful APIs Knowledge and understanding of DevOps tools and technologies such as Terraform, Git, Jenkins, Docker, Harness, Nexus/Artifactory, and CI/CD pipelines Knowledge of SQL, data warehousing design concepts, various data management systems (structured and semi structured) and integrating with various database technologies (Relational, NoSQL) Experience working with Cloud ecosystems (AWS, Azure, GCP) Experience with stream processing technologies and frameworks such as Kafka, Spark Streaming, Flink Experience with cloud technologies and migrations using public cloud vendor preferably using cloud foundational services like AWS's VPCs, Security groups, EC2, RDS, S3 ACLs, KMS, AWS CLI and IAM etc. Experience with high speed distributed computing frameworks such as AWS EMR, Hadoop, HDFS, S3, MapReduce, Apache Spark, Apache Hive, Kafka Streams, Apache Flink etc. Experience working with various types of databases like Relational, NoSQL, Object-based, Graph Working knowledge of DevOps tools. Eg Terraform, Ansible, Jenkins, Kubernetes, Helm and CI/CD pipeline etc. Familiarity with monitoring related tools and frameworks like Splunk, ElasticSearch, Prometheus, AppDynamics

*Onsite 5 days a week* *We are unable to sponsor as this is a permanent Full time role* A prestigious company is looking for an Application Modernization Architect/Developer. This role will focus on leading the modernization and optimization for the company Android based POS application. This position requires experience with Java on the Front End and Node.js on the Back End. This role will modernize a monolithic application to microservices based architecture in GCP. Responsibilities: Lead the design and implementation of microservices architecture. Assess and analyze existing monolithic application to identify opportunities for modularization into microservices. Develop, test, and deploy microservices with a focus on scalability, maintainability, and performance. Collaborate with development, operations, and architecture teams to ensure smooth integration of microservices with existing systems. Implement cloud-native technologies and tools, including containerization (Docker, Kubernetes) and CI/CD pipelines, to enhance deployment and management of microservices. Provide guidance on best practices for microservices, including API design, security, and data management. Ensure that microservices are well-documented, easily consumable, and meet business and technical requirements. Collaborate with DevOps teams to streamline and automate processes for application life cycle management. Stay up-to-date with emerging trends and technologies related to microservices, and containerization. Qualifications: Strong programming skills in Android. Proven experience in microservices architecture and modernizing Legacy systems. Strong understanding of cloud platforms such as AWS, Azure, or Google Cloud. Proficiency with containerization and orchestration technologies (Docker, Kubernetes). Experience with API development and design (REST, gRPC). Familiarity with service discovery, monitoring, logging, and tracing (eg, Prometheus, Open Telemetry). Strong programming skills in languages such as Java, Go, or Node.js. Knowledge of CI/CD practices and tools (Github Actions) Experience with distributed databases and messaging systems (eg, Kafka). Knowledge of Service Mesh (eg Linkerd)

Permanent VP Level Solution Architect - SDLC - TOGAF - Agile - Cards & Payments - AWS/Azure Purpose of the role To design, develop, and implement solutions to complex business problems, collaborating with stakeholders to understand their needs and requirements, and design and implement solutions that meet those needs and create solutions that balance technology risks against business delivery, driving consistency. Vice President Expectations Advise key stakeholders, including functional leadership teams and senior management on functional and cross functional areas of impact and alignment. Manage and mitigate risks through assessment, in support of the control and governance agenda. Demonstrate leadership and accountability for managing risk and strengthening controls in relation to the work your team does. Demonstrate comprehensive understanding of the organisation functions to contribute to achieving the goals of the business. Collaborate with other areas of work, for business aligned support areas to keep up to speed with business activity and the business strategies. Create solutions based on sophisticated analytical thought comparing and selecting complex alternatives. In-depth analysis with interpretative thinking will be required to define problems and develop innovative solutions. Adopt and include the outcomes of extensive research in problem solving processes. Seek out, build and maintain trusting relationships and partnerships with internal and external stakeholders in order to accomplish key business objectives, using influencing and negotiating skills to achieve outcomes. To excel in this role, you will need: Proficiency in architecting solutions across disparate technologies to solve complex business challenges, while collaborating with various stakeholder groups and influencing their perspectives on technology-driven innovation. Practical experience with one or more SDLC methodologies with the ability to exhibit deep technical understanding conveyed through crisp solution design artefacts and walkthroughs. Strong communication skills, with the ability to present complex technical concepts (both written and verbal) to an extensive and varied set of stakeholders, anticipate objections, and effectively persuade others to adopt the most suitable approach - supported by excellent troubleshooting and analytical abilities. Additional highly valued skills: Application, Infrastructure, or Enterprise Architecture training and certification, such as TOGAF. Extensive experience in system integration, API design, and API management, including architecting enterprise-wide, end-to-end solutions with a strong focus on cloud-based technologies - particularly AWS, though experience with Azure and Google Cloud is also beneficial. Experience in Financial Services or working in a highly regulated environment, particularly within the Cards & Payments domain, as well as familiarity with Scaled Agile frameworks. Permanent role - hybrid working - Manchester based By applying to this job you are sending us your CV, which may contain personal information. Please refer to our Privacy Notice to understand how we process this information. In short, in order to supply you with work finding services, we will hold and process your personal data, and only with your express permission we will share this personal data with a client (or a third party working on behalf of the client) by email or by upload to the Client/third parties vendor management system. By giving us permission to send your CV to a client, this constitutes permission to share the personal data that would be necessary to consider your application, interview you (Phone/video/face to face) and if successful hire you. Scope AT acts as an employment agency for Permanent Recruitment and an employment business for the supply of temporary workers. By applying for this job you accept the Terms and Conditions, Data Protection Policy, Privacy Notice and Disclaimers which can be found at our website.

*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a strong Application Security Engineer. Candidate will work closely with other members of the Security Services, IT Development Teams, and Development teams to support application and software security initiatives, projects, and operations. Responsibilities: Application Security/Secure SDLC Build and optimize our security tooling stack, including SAST, DAST, SCA, and IaC. Implement DevSecOps principles and integrate tools into CI/CD pipelines and developer workflows. Define and improve secure SDLC processes designing and implementing a developer friendly secure SDLC framework tailored to the delivery model. Automate security checks in CI/CD pipelines and developer tools to ensure continuous visibility and successful delivery. Build out process for threat modelling and secure design review process. Implement security for supply chain security, AI/ML application security, Open source etc. Review reports of the testing and conduct security risk assessments of the vulnerabilities. The use and maintenance of cloud and self-managed security scanning tools, manual source code reviews, and manual penetration assessments. Conduct IT/Security code review meetings to eliminate false positives and encourage collaboration between Security and IT development teams. Assist with application security vulnerability management including implementation of new vulnerability management tools. Debrief users and provide remediation strategy on findings. Ensure alignment of security controls in testing program and supporting services and related policies and procedures with applicable regulations and industry standard best practices. Perform ongoing reviews of application releases to ensure only secure and reviewed code is pushed to prod, with automation tasks as necessary. Develop scripts/automation to assist development teams with interpreting results from pipeline vulnerability verification reports to facilitate vulnerability remediation. Qualifications: Experience with CI/CD pipelines and software development/coding: Docker, Jenkins, GitHub, SVN, Terraform, and others. Exceptional analytical, problem solving and troubleshooting skills with the ability to exercise good judgment while developing creative solutions. Strong familiarity with enterprise technologies; strong technical background and understanding of security-related technologies; prefer operational experience as an administrator, engineer, or developer and direct experience testing in commercial cloud environments (AWS, Azure, Google Cloud Platform, IaaS/PaaS/SaaS). Good applicable knowledge of policy and procedure development, systems analysis, Information Assurance (IA) policy, vulnerability management, and risk management Good understanding of regulatory standards including CSF, NIST, PCI, SSAE 16, SAS 70, HIPPA, FIPS 199, COBIT 5 and others as needed. Strong knowledge of cryptography (symmetric, asymmetric, hashing) and its various applications. Strong knowledge of common enterprise infrastructure technology stacks and network configurations. Exhibit ability to understand and modify code in a diverse range of programming languages and frameworks; must have direct practical experience with one or more high level programming languages. Technical Skills: Deep knowledge of common web, API and cloud vulnerabilities (eg OWASP Top 10, CWE, auth flaws etc.). Deep understanding of vulnerabilities, reachability, exploitability and how they affect applications. Familiarity with secure coding principles across multiple languages (eg python, Java, JavaScript etc.). Knowledge of how security fits into platform engineering and cloud native stacks. Deep understanding of application layer attacks and defense mechanisms (CCS, CSRF, SQLi, XXE, SSRF, broken access control etc.). Familiarity with API security (REST & GraphQL), Postman, OOWASP top 10). Proficiency with artifact repositories and implementing security controls around component ingestion. Knowledge of shift-left strategies and embedding controls early in the development life cycle. Familiarity with Kubernetes security, container scanning and cloud infrastructure as code. Ability to triage and prioritize vulnerabilities based on exploitability, impact and business context. Strong proficiency application security and vulnerability management. Strong experience with custom Scripting (python, C++, PowerShell, bash, etc.) and process automation. Some proficiency with common penetration testing tools (Kali, Armitage, Metasploit, Cobalt Strike, Nmap, Qualys, Nessus, Burp Suite, Wireshark etc.). Experience with Mainframes, Windows, Unix, MacOS, Cisco, platforms and controls. Experience with dedicated document management tools (eg, DMS, PolicyTech) a plus. Familiarity with application frameworks and their built-in security services and API s (ie, Sun J2EE, MS .NET, OMG CORBA, Spring, etc.). Knowledge of security architecture design and principles including confidentiality, integrity and availability. Knowledge of automated code scanning tools and development pipeline tools. Understanding of security concepts and practices, including those for authentication, authorization, access control and auditing as well as best practices (eg OWASP). Familiarity with application authentication and authorization systems (ie, CA SiteMinder, RSA SecurID/ACE, Active Directory, and LDAP). Fundamental understanding of network and data communications technologies Knowledge of (AWS, Azure, Google Cloud Platform) Cloud security concepts, best practices, and environments. Knowledge of Secure DevOps concepts. Education and/or Experience: BS in Computer Science, Information Management, Information Security or other comparable technical degree from an accredited college/university desired. 5+ Years experience in Application Security or Information Security environment. Experience writing scripts and working with containers in a CI/CD pipeline. Exposure to security architecture design through application development or knowledge of security concepts/best practices. Certificates or Licenses: Security-related certifications (CISSP, CISA, CRISK, ISSAP, GSLC, OSCP, OSCE, GPEN, or GXPN, etc.) highly desired. Professional network and/or security certifications a plus (ie, GIAC, CISSP, CISA, CISM, CRISC) Cloud security automation certifications a plus (ie GCSA) Penetration testing certifications a plus (ie OSCP, GWAPT)