Security Assessment Automation Specialist (VP)Overview: Join one of the world’s most respected financial institutions, renowned for its stability, innovation, and commitment to excellence. You\'ll shape the future of security automation across a complex, global environment — embedding cutting-edge security practices into every stage of the development life cycle across the bank’s cloud and on-premises platforms, ensuring security is robust, scalable, and ahead of emerging threats.Sumitomo Mitsui Finance Dublin Limited (SMFD) is a wholly owned subsidiary of SMBC and is growing rapidly as a Centre of Excellence for the bank’s universal banking business across EMEA. It provides a range of technology and operational support services, aligned to SMBC’s growth, innovation, and transformation strategies.What you\'ll do:Automated Security Pipelines – Design and implement enterprise-grade security assessment pipelines integrating SAST, DAST, IAST, and SCA tools into CI/CD workflows.Infrastructure as Code Security – Integrate security testing into IaC workflows (Terraform, CloudFormation), ensuring security by design in automated deployments.Hybrid Environment Coverage – Support cloud-native (Azure, GCP) and on-prem infrastructure with tailored assessment strategies.Ephemeral & Traditional Infrastructure – Implement pre-deployment validation for immutable resources and architect scanning solutions for long-lived assets using network and agent-based tools.Policy-as-Code Governance – Establish frameworks for automated enforcement of security baselines and compliance requirements.Shift-Left Security – Collaborate with DevOps and platform teams to embed security early in the software delivery process.Tooling & Innovation – Continuously evaluate emerging security tools and techniques, ensuring alignment with evolving threats and technologies.Security Architecture Guidance – Provide governance, secure design patterns, and best practices for security automation.What you\'ll bring:Strong knowledge of CI/CD security integrations and DevSecOps principles.Proficiency in security assessment tools (SAST, DAST, IAST, SCA) and pipeline automation.Expertise in CI/CD security, DevSecOps, and automation of security assessments (SAST, DAST, IAST, SCA).Hands-on with Infrastructure as Code security (Terraform, CloudFormation) and Policy-as-Code (Azure Policy, OPA).Experience securing hybrid/multi-cloud (Azure, GCP) and on-prem environments.Strong knowledge of security frameworks (NIST CSF, ISO 27001/2, CIS) and secure design principles.Skilled in threat modelling, Zero Trust, Least Privilege, and Network Segmentation.Familiar with SSDLC, governance, risk, compliance, and secure coding practices.Understanding of architectural patterns (Multi-Tier, Microservices, Event-Driven) and frameworks (TOGAF, SABSA).Have the right to work in Ireland and happy to work on site in Dublin (hybrid working model).About the jobContract Type: PermSpecialism: TechnologyFocus: Information SecuritySalary: bonusWorkplace Type: HybridExperience Level: Mid ManagementLocation: DublinJob Reference: LUC114-7D4D677ADate posted: 12 August 2025Consultant: Fiona Fung
#J-18808-Ljbffr