Edinburgh, Scotland, United Kingdom
Summary: Security Design Engineers are responsible for managing end-to-end solution design, delivering design documents that meet business requirements and standards. They collaborate with stakeholders to ensure alignment with strategic direction and provide technical leadership on projects. The role requires expertise in application security, including securing modern architectures and implementing security testing pipelines. Additionally, Security Design Engineers present solutions to senior leadership and act as subject matter experts in their field.
Key Responsibilities:
- Manage end-to-end solution design and deliver design documents in line with business requirements.
- Create high-level designs and publish architecture patterns, key decisions, and technical risks.
- Collaborate with stakeholders, including enterprise architects, to align design decisions with strategic direction.
- Present and share solutions at design authorities and with senior leadership.
- Provide technical thought leadership and direction to aligned projects.
- Act as subject matter experts and consultants related to security design.
Key Skills:
- Significant experience in application security, including modern application architectures.
- Hands-on experience with SCA tools and methodologies.
- Deep experience in implementing and optimizing AST capabilities.
- Success in designing and integrating security testing pipelines within CI/CD environments.
- Strong background in threat modeling and secure SDLC design.
- Ability to evaluate and architect AppSec technologies.
- Experience in vulnerability and exposure management.
- Knowledge of network security practices and policies.
Salary (Rate): undetermined
City: Edinburgh
Country: United Kingdom
Working Arrangements: undetermined
IR35 Status: undetermined
Seniority Level: undetermined
Industry: IT
Job Description:
Security Design Engineers manage end-to-end solution design and are responsible for delivering design documents in line with functional and non-functional business requirements, strategies, principles, standards, and patterns. Alongside the creation of high-level designs, Security Design Engineers will be required to publish new architecture patterns, key decisions, design deviations, and technical risks and issues where appropriate. Security Design Engineers will work with stakeholders, including the relevant enterprise architect, to ensure design decisions in delivery align with strategic direction. Security Design Engineers should be comfortable presenting and sharing solutions at design authorities and with senior leadership and stakeholders. Additionally, Security Design Engineers will provide technical thought leadership and direction to their aligned projects and may stand in as subject matter experts and consultants on related programmes.
Required Expertise:
- Significant experience and proven technical depth within application security, such as:
  - Hands-on experience securing modern application architectures (microservices, cloud-native, containerized environments).
  - Knowledge of SCA tools and methodologies (e.g., dependency analysis, open-source license compliance, vulnerability triage, supply-chain risk management).
  - Deep experience implementing and optimising AST capabilities, including SAST, DAST, IAST, MAST and container/K8s security scanning.
  - Demonstrated success designing and integrating security testing pipelines within CI/CD environments (GitHub Actions, GitLab, Jenkins, Azure DevOps, etc.).
  - Strong background in threat modelling, secure SDLC design, and establishing risk-based security policies for code, dependencies, and build systems.
  - Ability to evaluate, select, and architect AppSec technologies, including enterprise SCA/AST platforms, SBOM solutions, and vulnerability management workflows.
  - Experience collaborating with engineering teams to prioritize and remediate vulnerabilities, provide secure coding guidance, and enable developer-centric security practices.
  - Familiarity with industry frameworks and standards (OWASP SAMM, ASVS, CSA, NIST SSDF, supply-chain security frameworks such as SLSA).
- Experience across vulnerability and exposure management, including detection, analysis, management and resolution activities.
- Experience within network security, such as:
  - Segmentation and micro-segmentation and its effects on vulnerability scanning.
  - Defining and enforcing policies for secure network operations and appropriate access for vulnerability scanning.
  - Establishing appropriate logging for the monitoring and analysis of network traffic to detect and respond to threats.