Principal Application Security Engineer (Purple/Red team)

Posted 3 months ago

Job Description

Principal Application Security Engineer (Purple/Red team)
City of London (Hybrid)
£100,000 - £115,000 per annum

On behalf of a leading financial services organisation, I am seeking a Principal App Sec Engineer.

Operating as a function of Cyber Defence under Information Security, you will lead the purple teaming capability and build out its functionality, ensuring the firm is well positioned to prevent and detect modern cyber-attacks. As the business embarks on its flagship refresh projects, you will be responsible for ensuring these tools are fit for purpose through the delivery of threat-led sprints and the creation or customisation of attack detection rules.

Because the organisation operates a hybrid work model, you will need to be within commuting distance of their City of London offices and able to commit to 3 days per week in the office. Working hours are typically 9-5, with flexibility on start and finish times.

Responsibilities:

- Define and execute purple team sprints that materially and demonstrably improve the business's ability to prevent and detect modern attacks.
- Simulate both established and emerging attacker TTPs, and personally build the corresponding detection rules and response procedures.
- Through the delivery of purple team sprints, identify opportunities to reduce the business's attack surface using preventative controls.
- Work with the Security Engineering team as necessary to support the deployment and tuning of security-related tooling, particularly tooling that pertains to prevention and detection.
- Develop processes for attack surface monitoring and continuous validation through automation.
- Act as an escalation point for the SOC and assist with incident response.

Experience/Skills required:

- Previous experience emulating sophisticated cyber-attacks, likely in a purple or red team capacity.
- Deep understanding of modern attacker tools, techniques and procedures, e.g. Prelude, Cobalt Strike, and Vectr.
- Comfortable identifying appropriate telemetry sources to collect, and using these to build custom attack detection rules where out-of-the-box capability doesn't exist.
- A strong communicator who is capable of working with professionals across the business.
- Strong documentation skills and the ability to present back to the business.