Energy Jobline is the largest and fastest growing global Energy Job Board and Energy Hub. We have an audience reach of over 7 million energy professionals, 400,000+ monthly advertised global energy and engineering jobs, and work with the leading energy companies worldwide.

We focus on the Oil & Gas, Renewables, Engineering, Power, and Nuclear markets as well as emerging technologies in EV, Battery, and Fusion. We are committed to ensuring that we offer the most exciting career opportunities from around the world for our jobseekers.

Job Description

The Company

Superb opportunity to join a leading financial services client with offices in Edinburgh.

This is an initial 6-month contract inside IR35. There will be a requirement to be in the office up to 3-days per week.

The Role

We are seeking an experienced Security Design Engineer (AppSec) to lead end-to-end security solution design across complex technology environments. You will produce high-quality architecture and design artefacts aligned to business and security standards, influence strategic direction, and provide hands-on application security expertise across large-scale transformation programmes.

What you'll do

Own and deliver secure solution designs, architecture patterns, design decisions, and risk assessments Partner with enterprise and solution architects to ensure alignment with strategic architecture Provide technical leadership and act as an AppSec subject matter expert for delivery teams Design and embed security into modern application stacks and CI/CD pipelines Present designs and recommendations to design authorities and senior stakeholders Identify control gaps, define remediation plans, and manage residual risk Support governance, peer review, and architectural assurance processes

What you'll bring

Deep application security experience across cloud-, microservices, containerised and Kubernetes environments Strong expertise in SAST, DAST, IAST, MAST, SCA, SBOMs, and supply-chain security Proven experience integrating security testing into CI/CD (eg GitHub Actions, GitLab, Jenkins, Azure DevOps) Threat modelling, secure SDLC design, and risk-based security policy development Experience in vulnerability and exposure management and network security concepts (segmentation, logging, scanning) Familiarity with industry frameworks (OWASP SAMM/ASVS, NIST SSDF, SLSA, CSA) Ability to communicate complex security concepts to both technical and non-technical stakeholders Experience working in large, complex IT transformation programmes

Tools & technologies

AppSec tools such as Checkmarx, Invicti, Snyk, Black Duck, Tenable (or similar) Architecture modelling (eg BizzDesign, Archi, UML) Jira and Confluence

Qualifications ()

Degree in cybersecurity, computer science, software engineering, or related field CISSP, CISM, or equivalent cybersecurity certification SABSA or TOGAF certification

This is an opportunity to shape secure architecture at scale, influence senior stakeholders, and drive developer-centric security practices in a complex enterprise environment.

More details available on successful application.

If you are interested in applying for this job please press the Apply Button and follow the application process. Energy Jobline wishes you the very best of luck in your next career move.