Sumitomo Mitsui Finance Dublin Limited (SMFD)is a wholly owned subsidiary of SMBC and is growing rapidly as a Centre of Excellence for the bank's universal banking business across EMEA. It provides a range of technology and operational support services, aligned to SMBC's growth, innovation, and transformation strategies.What you'll do:Automated Security Pipelines - Design and implement enterprise-grade security assessment pipelines integrating SAST, DAST, IAST, and SCA tools into CI/CD workflows.Infrastructure as Code Security - Integrate security testing into IaC workflows (Terraform, CloudFormation), ensuring security by design in automated deployments.Hybrid Environment Coverage - Support cloud-native (Azure, GCP) and on-prem infrastructure with tailored assessment strategies.Ephemeral & Traditional Infrastructure - Implement pre-deployment validation for immutable resources and architect scanning solutions for long-lived assets using network and agent-based tools.Policy-as-Code Governance - Establish frameworks for automated enforcement of security baselines and compliance requirements.Shift-Left Security - Collaborate with DevOps and platform teams to embed security early in the software delivery process.Tooling & Innovation - Continuously evaluate emerging security tools and techniques, ensuring alignment with evolving threats and technologies.Security Architecture Guidance - Provide governance, secure design patterns, and best practices for security automation.What you'll bring:Strong knowledge of CI/CD security integrations and DevSecOps principles.Proficiency in security assessment tools (SAST, DAST, IAST, SCA) and pipeline automation.Expertise in CI/CD security, DevSecOps, and automation of security assessments (SAST, DAST, IAST, SCA).Hands-on with Infrastructure as Code security (Terraform, CloudFormation) and Policy-as-Code (Azure Policy, OPA).Experience securing hybrid/multi-cloud (Azure, GCP) and on-prem environments.Strong knowledge of security frameworks (NIST CSF, ISO 27001/2, CIS) and secure design principles.Skilled in threat modelling, Zero Trust, Least Privilege, and Network Segmentation.Familiar with SSDLC, governance, risk, compliance, and secure coding practices.Understanding of architectural patterns (Multi-Tier, Microservices, Event-Driven) and frameworks (TOGAF, SABSA).Have the right to work in Ireland and happy to work on site in Dublin (hybrid working model).All third-party applications will be managed by Robert Walters.Robert Walters Operations Limited is an employment business and employment agency and welcomes applications from all candidates