Lead Security Engineer

<h1><span class="emphasis-3">Join Kainos and Shape the Future </span></h1><p>At Kainos, we’re problem solvers, innovators, and collaborators - driven by a shared mission to create real impact. Whether we’re transforming digital services for millions, delivering cutting-edge Workday solutions, or pushing the boundaries of technology, we do it together.</p><p><br>We believe in a <b>people-first culture</b>, where your ideas are valued, your growth is supported, and your contributions truly make a difference. Here, you’ll be part of a diverse, ambitious team that celebrates creativity and collaboration.</p><p><br>Ready to make your mark? <b>Join us and be part of something bigger.</b></p><p>MAIN PURPOSE OF THE ROLE & RESPONSIBILITIES IN THE BUSINESS:<br>As a Lead Security Engineer (Consultant) in Kainos, you will be responsible for leading our security engineering and security testing efforts across Kainos Platforms and Services. They will set direction on our security testing methodology, engagement scoping, outputs and tool/technology selections, whilst developing our more junior security engineers accordingly.<br><br>They’ll work with agile delivery teams to develop good security practices throughout the software development journey. As a technical leader in the team, you will share knowledge and help educate our customers and Kainos team members on good security practices.<br><br>You’ll manage, coach and develop a small number of staff, with a focus on managing employee performance and assisting in their career development. You’ll also provide direction and leadership for your team as you solve challenging problems together.<br>MINIMUM (ESSENTIAL) REQUIREMENTS<br>• Expertise in securing Web Applications and Cloud Platforms (e.g. AWS/Azure).<br>• Expertise of testing software and infrastructure security using existing manual or automated security tools, e.g. perform and document penetration tests on web-based applications, networks and computer systems.<br>• Expertise in assessing software and infrastructure source code from a security standpoint.<br>• Expertise in Continuous Security, Continuous Integration and Continuous Delivery techniques<br>• Knowledge of international security standards and regulations such as NCSC, NIST, CIS, PCI, GDPR, OWASP ASVS, HIPPA, SOC2 etc.<br>• Knowledge of typical cyber security attack vectors (e.g. OWASP Top 10, SQL, XSS, XXE, MITM etc.) and can articulate threats and risk via threat modelling exercises/workshops<br>• Excellent communication skills, with the ability to convey security complexities to audiences of various technical abilities.<br>• We are passionate about developing people – a demonstrated ability in managing, mentoring and coaching members of your team and wider community is important<br>• Good programming or scripting experience across Windows/Linux/MacOS<br>• Stays up to date with new threats and attack types.<br><br>DESIRABLE<br>• Penetration testing qualifications (e.g. OSCP, CREST, TIGER or equivalent)<br>• Experience of working with the external penetration test companies to translate report findings into actionable tasks.<br>• Experience with security tools (e.g. Burp Suite, OWASP-ZAP, NMAP, Nessus, Kali, Metasploit etc.)<br>• Knowledge about main cyber security areas (e.g. OSINT, network scanning, enumeration, sniffing, session hijacking, social engineering, firewalls, honeypots, IDS/IPS/WAF/AV/DLP, Cryptography/PKI,IoTthreats, trojans/viruses/worms/backdoors/ransomware, etc.)<br>• Active participation in knowledge sharing activities, both within the team and at a wider level<br>• Active in the security community – conference speaking, active sharing of knowledge externally<br>• Experience of working in an Agile environment</p><h1><span class="emphasis-3"><b>Embracing our differences  </b> </span></h1><p>At Kainos, we believe in the power of diversity, equity and inclusion. We are committed to building a team that is as diverse as the world we live in, where everyone is valued, respected, and given an equal chance to thrive.   We actively seek out talented people from all backgrounds, regardless of age, race, ethnicity, gender, sexual orientation, religion, disability, or any other characteristic that makes them who they are.   We also believe every candidate deserves a level playing field.  <br></p><p>Our friendly talent acquisition team is here to support you every step of the way, so if you require any accommodations or adjustments, we encourage you to reach out.  <br></p><p>We understand that everyone's journey is different, and by having a private conversation we can ensure that our recruitment process is tailored to your needs.</p><p></p><p> </p>

Back to blog

Common Interview Questions And Answers

1. HOW DO YOU PLAN YOUR DAY?

This is what this question poses: When do you focus and start working seriously? What are the hours you work optimally? Are you a night owl? A morning bird? Remote teams can be made up of people working on different shifts and around the world, so you won't necessarily be stuck in the 9-5 schedule if it's not for you...

2. HOW DO YOU USE THE DIFFERENT COMMUNICATION TOOLS IN DIFFERENT SITUATIONS?

When you're working on a remote team, there's no way to chat in the hallway between meetings or catch up on the latest project during an office carpool. Therefore, virtual communication will be absolutely essential to get your work done...

3. WHAT IS "WORKING REMOTE" REALLY FOR YOU?

Many people want to work remotely because of the flexibility it allows. You can work anywhere and at any time of the day...

4. WHAT DO YOU NEED IN YOUR PHYSICAL WORKSPACE TO SUCCEED IN YOUR WORK?

With this question, companies are looking to see what equipment they may need to provide you with and to verify how aware you are of what remote working could mean for you physically and logistically...

5. HOW DO YOU PROCESS INFORMATION?

Several years ago, I was working in a team to plan a big event. My supervisor made us all work as a team before the big day. One of our activities has been to find out how each of us processes information...

6. HOW DO YOU MANAGE THE CALENDAR AND THE PROGRAM? WHICH APPLICATIONS / SYSTEM DO YOU USE?

Or you may receive even more specific questions, such as: What's on your calendar? Do you plan blocks of time to do certain types of work? Do you have an open calendar that everyone can see?...

7. HOW DO YOU ORGANIZE FILES, LINKS, AND TABS ON YOUR COMPUTER?

Just like your schedule, how you track files and other information is very important. After all, everything is digital!...

8. HOW TO PRIORITIZE WORK?

The day I watched Marie Forleo's film separating the important from the urgent, my life changed. Not all remote jobs start fast, but most of them are...

9. HOW DO YOU PREPARE FOR A MEETING AND PREPARE A MEETING? WHAT DO YOU SEE HAPPENING DURING THE MEETING?

Just as communication is essential when working remotely, so is organization. Because you won't have those opportunities in the elevator or a casual conversation in the lunchroom, you should take advantage of the little time you have in a video or phone conference...

10. HOW DO YOU USE TECHNOLOGY ON A DAILY BASIS, IN YOUR WORK AND FOR YOUR PLEASURE?

This is a great question because it shows your comfort level with technology, which is very important for a remote worker because you will be working with technology over time...