Security Assessment Automation Specialist (VP)Join to apply for the Security Assessment Automation Specialist (VP) role at SMBC GroupSumitomo Mitsui Finance Dublin Limited (SMFD) is a wholly owned subsidiary of SMBC and is growing rapidly as a Centre of Excellence for the bank's universal banking business across EMEA. It provides a range of technology and operational support services, aligned to SMBC's growth, innovation, and transformation strategies.What you'll do:Automated Security Pipelines - Design and implement enterprise-grade security assessment pipelines integrating SAST, DAST, IAST, and SCA tools into CI/CD workflows.Infrastructure as Code Security - Integrate security testing into IaC workflows (Terraform, CloudFormation), ensuring security by design in automated deployments.Hybrid Environment Coverage - Support cloud-native (Azure, GCP) and on-prem infrastructure with tailored assessment strategies.Ephemeral & Traditional Infrastructure - Implement pre-deployment validation for immutable resources and architect scanning solutions for long-lived assets using network and agent-based tools.Policy-as-Code Governance - Establish frameworks for automated enforcement of security baselines and compliance requirements.Shift-Left Security - Collaborate with DevOps and platform teams to embed security early in the software delivery process.Tooling & Innovation - Continuously evaluate emerging security tools and techniques, ensuring alignment with evolving threats and technologies.Security Architecture Guidance - Provide governance, secure design patterns, and best practices for security automation.What you'll bring:Strong knowledge of CI/CD security integrations and DevSecOps principles.Proficiency in security assessment tools (SAST, DAST, IAST, SCA) and pipeline automation.Expertise in CI/CD security, DevSecOps, and automation of security assessments (SAST, DAST, IAST, SCA).Hands-on with Infrastructure as Code security (Terraform, CloudFormation) and Policy-as-Code (Azure Policy, OPA).Experience securing hybrid/multi-cloud (Azure, GCP) and on-prem environments.Strong knowledge of security frameworks (NIST CSF, ISO 27001/2, CIS) and secure design principles.Skilled in threat modelling, Zero Trust, Least Privilege, and Network Segmentation.Familiar with SSDLC, governance, risk, compliance, and secure coding practices.Understanding of architectural patterns (Multi-Tier, Microservices, Event-Driven) and frameworks (TOGAF, SABSA).Have the right to work in Ireland and happy to work on site in Dublin (hybrid working model).Robert Walters Operations Limited is an employment business and employment agency and welcomes applications from all candidates
#J-18808-Ljbffr