Senior Cyber Security Engineer

Are you a cyber security engineer who gets genuine satisfaction from closing vulnerabilities not just finding them

DNV Energy Systems is seeking a Senior Cyber Security Engineer to take ownership of the hands-on delivery of security across a portfolio of digital this role you will work closely with product and engineering teams to actively reduce risk meet compliance requirements and embed secure sustainable practices that last.

OUR OPPORTUNITY

Reporting to the Digital Portfolio Manager you will be the primary security engineering resource for the UK&I digital product portfolio. You will own the security posture of the portfolio end-to-endfromtooling and triage through to remediation support assessment execution and audit preparation.

This is an individual contributor role with substantial the one closest to the workwith direct influence over how security is practised across the portfolio. There is genuine opportunity for the function to grow around you as the team expands.

You will work across multiple products and engineering teams simultaneously acting as the technical security authority for the region. Youllbe joining teams that value security and want to get it rightgiving you the platform to drive meaningful lasting improvements.

Whatyoulldo:

Vulnerability Management & Tooling

• Maintain andoperateSAST/DAST tooling (including Veracode) across the digital portfolio

• Lead CVE triageassessing severityexploitabilityand remediation priority across all products

• Track and manage vulnerability remediation to closure working directly with engineering teams

• Maintain the portfolio security risk register ensuring visibility of open issues and remediation status

Security Assessment & Audit

• Plan and execute security assessments across the product portfolio against DNV standards and industry frameworks (egOWASP ASVS)

• Support audit preparation andevidencegathering for internal and external audit cycles

• Maintain assessment documentation findings registers and remediation tracking artefacts

Secure Development Practice

• Embed security into the software development lifecycle (SDL/SSDLC) across product teams

• Conduct threat modelling and architecture review for new and materially changed products

• Advise development teams on secure coding practices dependencymanagementand secrets handling

• Act as technical security subject matter expertthe first point of contact for engineering and product teams when security questions arise

We value all our people and the contributions they make to our business soitsimportant that our rewards make us all feel valued we offer a flexible reward and benefits package allowing you to choose the things that matter most to you including;

• Exceptional Development and career progression opportunities with regular development discussions with your manager

• Non-contractual Profit Share Scheme

• Lifestyle benefits: 26 days annual leave bank holidays opportunity for up to 10 days unpaid leave sabbatical leave flexible working options

• Wellbeing benefits: (including Private Medical Dental Insurance Health Assessments Gym allowance). Company contribution towards eye tests and glasses (for computer/laptop users) and Flu Vaccinations. Also our Employee Assistance Programme (EAP) provides free and confidential support for issues including work family relationships money and health and we provide free fruit in our offices

• Financial Benefits: including a Pension Scheme with employer pension contributions up to 9% Life Assurance and Income Protection

• Travel benefits: Season Ticket Loan Cycle to Work Scheme Electric Vehicle Salary Sacrifice Scheme (for personal use)

• Re-imbursement of relevant Professional Membership Fees (up to 570)

• Access to employee retail discount site for high street and on-line shopping