41 Software Security jobs in Ireland

Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions. The Microsoft Security organization accelerates Microsoft's mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers' heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world.
Are you passionate about building secure, intelligent systems that identify threats before adversaries do? Do you want to shape the future of security building on AI tools? Our team, IDSEC AI, is on a mission to scale proactive security across Microsoft's products by unifying vulnerability identification and exploit detection. We're building systems that combine AI, large-scale code and binary analysis, and real-time intelligence to find and mitigate security issues across the software supply chain. We are looking for a Senior Software Engineer with a strong foundation in AI and security to help design and deliver scalable systems that operate across millions of assets and billions of signals. You'll be working at the intersection of secure software engineering, advanced detection, and practical AI-enabling defenders to stay ahead of the threat curve. If you've ever wanted to build secure-by-design systems with the latest in machine learning, large language models, and static/dynamic analysis at cloud scale-this is your opportunity.
Microsoft's mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond.
#MSFTSecurity, #Hiring #SeniorEngineer #AIEngineering #CyberSecurity #ExploitDetection #SecureCoding #MicrosoftAI #Azure #JoinOurTeam #FutureOfWork #BuildWithPurpose
**Responsibilities**
+ **Conducting Research**
+ Identifies, conducts, and supports others in conducting research into critical security areas, such as competitor products, current attacks, adversary tracking, and academic literature. Partners cross-functionally (e.g., across disciplines, teams, or security versus non-security) to design solutions to prevent attacks. Designs lead to engineering projects. Investigates business-critical security issues (e.g., root cause, motivation, and impact). Advocates priorities. Elevates findings appropriately to address and mitigate issues. Solicits feedback and evaluates results to incorporate into future research. Demonstrates judgment in identifying projects and priorities (e.g., what to test and pursue). Understands interplay across Microsoft technologies and how they give rise to attacker opportunities.
+ Drives the evolution of security research by building intelligent tooling and agentic systems that scale across Microsoft's ecosystem. Enables autonomous threat detection, mitigation, and response, transforming manual workflows into adaptive, self-healing processes.
+ Works with others to synthesise research findings into recommendations for mitigation of security issues. Shares across teams. Drives change within team based on research findings. Contributes to professional community through publications.
+ Analyses complex issues using multiple data sources to develop insights and identify security problems and threats. Creates new solutions to mitigate security issues. Makes trade-offs to balance security and operational needs. Identifies and recommends process improvements and adopts best practices. Leverages the work of others to improve existing processes. Helps to drive resolution to systemic security issues through cross-team collaboration. Anticipates previously unknown potential artefacts that could be present in data as indicators of attacker activity. May contribute to professional community through conference and forum presentations.
+ Recommends prioritisation and validation methods for technical indicators. Synthesises threat data to generate trends, patterns and insights that align to intelligence requirements or customer requests. Reviews findings and identifies nuanced variants. Designs and develops scalable automation pipelines and agentic systems to accelerate threat analysis, variant detection, and mitigation workflows. Leverages AI-driven agents to autonomously triage, correlate, and respond to emerging threats.
+ Leads efforts to clean, structure, and standardise data and data sources. Leads data quality efforts to ensure timely and consistent access to data sources. Curates sources of data and partners to develop and sustain data access across teams. Incorporates new data sources consistent with corporate data privacy standards.
+ Takes product schedules, dependencies and risk assessments into consideration in performing security design and analysis. Creates a schedule for analysis of large feature areas that accounts for dependencies and meets milestones. Conducts security research of Microsoft and competitor products. Researches, analyses, and summarises security threats and shares with security assurance and security tooling teams as enhancements to the security compliance programme.
+ Identifies, prioritises, and targets complex security issues that cause negative impact to customers. Creates and drives adoption of relevant mitigations. Suggests and drives appropriate guidance, models, response, and remediation for issues. Drives automation-first approaches to mitigation, integrating agentic frameworks that adaptively respond to threat signals. Builds reusable tooling and autonomous agents that generalise across classes of security issues. **Solution Generation**
+ Identifies, prioritises, and targets complex security issues that cause negative impact to customers. Creates and drives adoption of relevant mitigations. Suggests and drives appropriate guidance, models, response, and remediation for issues. Drives programme and process of mitigation through automation.
+ Solves classes of issues systematically and with transparency to customers in technical implementation and automation of solutions related to specific kinds of security issues (e.g., signature detection, malware, threat analysis, reverse engineering). Begins to develop substantial skills in other kinds of security issues outside areas of expertise. Works across disciplines to build improvements in solutions and methods. Uses results from research and experimentation to drive architecture or product direction for Microsoft.
+ Collaborates with engineering teams to embed agentic capabilities into security products, enabling continuous learning and self-improving defences.
+ Engages with customers and partners to improve security issues. Analyses security issues or patterns. Advocates for customers and partners. Develops feedback channels and translates feedback into better security practices. Escalates issues as needed. Fosters adoption of security features (e.g., multi-factor authentication (MFA)). Develops and provides guidance and education that result from resolution of security issues.Orchestration
+ Helps to make connections and assist in developing agreements between groups to clarify priorities and identify dependencies. Provides coordination across groups. Articulates key security issues to teams and to upper management. Autonomously drives coordination and collaboration across teams. Participates in internal or external collaboration in representing Microsoft's interests.
+ Leads the development and deployment of internal tooling platforms that support agentic workflows, including automated incident response, telemetry enrichment, and security posture evaluation.
+ Protects tools, techniques, information, and results of security practices. Assesses efficacy of operational security (e.g., red-on-red pen testing). Develops new techniques to evaluate operational security. Teaches others to master techniques.
+ Effectively manages multiple workstreams and resources during incidents, applies diagnostic expertise, provides guidance to other engineers working to mitigate and resolve issues, and maintains a commitment to the quality of products and services throughout the lifecycle. Ensures proper notes from incidents are documented and drives the execution of quality postmortem and root cause analysis processes across teams. Performs analysis of historical incident data to identify trends, patterns, and issues that should be addressed at high priority.
+ Leads large-scale security reviews. Leads work on architectural and design security reviews for feature areas. Where appropriate, ensures best practices for security architecture, design and development are in place. Measures return on investment (ROI). Determines value of investment. Measures customer satisfaction. Evaluates security risks and their impact to the affected services and works with DevOps leads, engineering leads and researchers to mitigate risks. Monitors and responds to security events, potential vulnerabilities, exposures, and policy compliance issues. **Industry Leadership**
+ Uses subject matter expertise to identify potential security issues, tools, mitigations, and processes (e.g., architecture, failure modes, attack chain, threat modelling, vulnerabilities). Stays current in knowledge and expertise as the security landscape evolves. Makes expertise available to others and drives change through sharing, coaching, conferences, and other means. Coaches and mentors others in area of expertise. Models appropriate risk-taking and ethical behaviour.
+ Uses business knowledge and technical expertise to assist with analysing the work of the team to identify potential tools to assist future vulnerability analyses. Helps define deployment best practices and security configuration standards to ensure technologies are deployed in a secure fashion. Researches and maintains deep knowledge of industry trends, technologies, tools, securities, and advances.
+ Influences the broader security community by advocating for agentic approaches to threat detection and response, contributing to the evolution of autonomous security standards.
**Qualifications**
**Required Qualifications**
+ Relevant experience in the software development lifecycle, distributed systems, cloud services, large-scale computing, modeling, cybersecurity, and/or anomaly detection
+ OR a Master's Degree in Statistics, Mathematics, Computer Science, or a related field
+ Proficiency in one or more modern programming languages such as C#, Python, Go, or Rust
+ Experience working with large-scale data processing pipelines or AI/ML inference systems
+ Strong understanding of security fundamentals, including secure coding practices, authentication/authorization, and common vulnerability classes (e.g., memory corruption, IDOR, SSRF)
+ Demonstrated ability to deliver secure, high-quality code in a fast-paced environment
**Preferred Qualifications**
+ Experience applying AI to code (e.g., code understanding, analysis, or generation)
+ Background in ML model evaluation, interpretability, or adversarial robustness
+ Experience with Azure or other cloud platforms
+ Familiarity with modern CI/CD pipelines, secure software supply chain practices, and SBOM tooling
+ Experience in building or scaling systems for vulnerability management, security automation, or detection engineering
Microsoft is an equal opportunity employer. Consistent with applicable law, all qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations ( .

**Minimum qualifications:**
+ Bachelor's degree or equivalent practical experience.
+ 8 years of experience with software development in one or more programming languages (e.g., Python, C, C++, Java, JavaScript).
+ 3 years of experience in a technical leadership role; overseeing projects, with 2 years of experience in a people management, supervision/team leadership role.
+ 3 years of experience with data privacy or security systems.
**Preferred qualifications:**
+ Master's degree or PhD in Engineering, Computer Science, or a related technical field.
+ 3 years of experience working in a matrixed organization.
+ Experience in backend coding languages such as GoLang, Rust, or Java.
+ Experience in ML model coding languages (e.g., Python).
Like Google's own ambitions, the work of a Software Engineer goes beyond just Search. Software Engineering Managers have not only the technical expertise to take on and provide technical leadership to major projects, but also manage a team of Engineers. You not only optimize your own code but make sure Engineers are able to optimize theirs. As a Software Engineering Manager you manage your project goals, contribute to product strategy and help develop your team. Teams work all across the company, in areas such as information retrieval, artificial intelligence, natural language processing, distributed computing, large-scale system design, networking, security, data compression, user interface design; the list goes on and is growing every day. Operating with scale and speed, our exceptional software engineers are just getting started -- and as a manager, you guide the way.
With technical and leadership expertise, you manage engineers across multiple teams and locations, a large product budget and oversee the deployment of large-scale projects across multiple sites internationally.
The Security Endpoint Agents team builds many parts of the scalable infrastructure to detect and block security threats and keep Google and Alphabet safe.
The Core team builds the technical foundation behind Google's flagship products. We are owners and advocates for the underlying design elements, developer platforms, product components, and infrastructure at Google. These are the essential building blocks for excellent, safe, and coherent experiences for our users and drive the pace of innovation for every developer. We look across Google's products to build central solutions, break down technical barriers and strengthen existing systems. As the Core team, we have a mandate and a unique opportunity to impact important technical decisions across the company.
**Responsibilities:**
+ Build strong relationships with a variety of stakeholders to achieve both our detection and software control objectives.
+ Ensure our EDR agents meet strict reliability and performance standards through technical excellence and unification to enhance user satisfaction.
+ Design, guide and vet systems designs within the scope of the broader area, and write product or system development code to solve ambiguous problems.
+ Review code developed by other engineers and provide feedback to ensure best practices (e.g., style guidelines, checking code in, accuracy, testability, and efficiency).
+ Lead engineers of the Security Endpoints Team that build low-level endpoint security tools to process large amounts of security events at low latency and with minimal impact to the machine performance.
Google is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. See also and If you have a need that requires accommodation, please let us know by completing our Accommodations for Applicants form:

Job Title:
Sr. Software Engineer - Cloud & Security
Job Description
We're Concentrix. The intelligent transformation partner. Solution-focused. Tech-powered. Intelligence-fueled.
The global technology and services leader that powers the world's best brands, today and into the future. We're solution-focused, tech-powered, intelligence-fueled. With unique data and insights, deep industry expertise, and advanced technology solutions, we're the intelligent transformation partner that powers a world that works, helping companies become refreshingly simple to work, interact, and transact with. We shape new game-changing careers in over 70 countries, attracting the best talent.
The Concentrix Catalyst team is the driving force behind Concentrix's transformation, data, and technology services. We integrate world-class digital engineering, creativity, and a deep understanding of human behavior to find and unlock value through tech-powered and intelligence-fueled experiences. We combine human-centered design, powerful data, and strong tech to accelerate transformation at scale. You will be surrounded by the best in the world providing market leading technology and insights to modernize and simplify the customer experience. Within our professional services team, you will deliver strategic consulting, design, advisory services, market research, and contact center analytics that deliver insights to improve outcomes and value for our clients. Hence achieving our vision.
Our game-changers around the world have devoted their careers to ensuring every relationship is exceptional. And we're proud to be recognized with awards such as "World's Best Workplaces," "Best Companies for Career Growth," and "Best Company Culture," year after year.
Join us and be part of this journey towards greater opportunities and brighter futures.
**Your day-to-day**
We work in a hybrid formation, attending the office on Monday, Tuesday and Thursday with the option to work from home or office on Wednesday and Friday. The successful candidate will make significant contributions to our cloud modernisation project.
+ Assume the role of a key Software Engineer on a team working on the leading Email Security product on the market
+ Play a vital role in the delivery of ambitious new features and products from Engineering through to Production
+ Collaborate with Engineering and Product Management resources to analyze and refine requirements
+ Help resolving critical customer escalations
**What you bring to the team**
+ Self-motivated and can work independently, while also being able to partner closely with other engineers on a project
+ Passionate about building quality products and want to own development end-to-end, leading with the right design, and follow principles to deliver maintainable, performant and a predictable experience
+ Enjoy problem solving and challenging yourself, but you are not afraid to reach out when you need help
+ Experience in working collaboratively with Product Management, QA and Operations teams
+ Excellent communication & interpersonal skills
**Technical Skills**
**Essential:**
+ Solid programming experience, ideally in Java
+ Experience of containerized applications, preferably using Kubernetes or similar orchestration tools
+ Experience with CI/CD Pipelines, microservices and distributed systems
+ Understanding of modern cloud infrastructure - ideally AWS/Azure
**Desirable**
+ Familiarity with infrastructure-as-code tools such as Terraform
+ Experience with OpenLDAP
+ Experience in Perl Development
Location:
UK, Work at Home, Northern Ireland
Language Requirements:
Time Type:
Full time
**If you are a California resident, by submitting your information, you acknowledge that you have read and have access to the Job Applicant Privacy Notice for California Residents (

SMBC Group is a top-tier global financial group. Headquartered in Tokyo and with a 400-year history, SMBC Group offers a diverse range of financial services, including banking, leasing, securities, credit cards, and consumer finance. The Group has more than 130 offices and 80,000 employees worldwide in nearly 40 countries. Sumitomo Mitsui Financial Group, Inc. (SMFG) is the holding company of SMBC Group, which is one of the three largest banking groups in Japan. SMFG's shares trade on the Tokyo, Nagoya, and New York (NYSE: SMFG) stock exchanges.
In the Americas, SMBC Group has a presence in the US, Canada, Ireland, Mexico, Brazil, Chile, Colombia, and Peru. Backed by the capital strength of SMBC Group and the value of its relationships in Asia, the Group offers a range of commercial and investment banking services to its corporate, institutional, and municipal clients. It connects a diverse client base to local markets and the organization's extensive global network. The Group's operating companies in the Americas include Sumitomo Mitsui Banking Corp. (SMBC), SMBC Nikko Securities America, Inc., SMBC Capital Markets, Inc., SMBC MANUBANK, JRI America, Inc., SMBC Leasing and Finance, Inc., Banco Sumitomo Mitsui Brasileiro S.A., and Sumitomo Mitsui Finance and Leasing Co., Ltd.
+ This is a hybrid role, requiring the successful candidate to attend our Tralee office.
**Role Description**
SMBC is seeking a Senior Application Security Engineer who is interested in building a career at a fast growing and reputable Bank. Senior Application Security Engineer will be responsible for ensuring that all code scanning vulnerabilities follow organizational policies and work closely with developers to ensure issues are fixed before releasing code to production. This candidate will have a strong development background and the ability to read and explain code deficiencies to stakeholders in various programming and scripting languages. Acts as a subject matter expert who uses expertise to resolve complex problems in consideration of established policies, guidelines or processes.
This role reports into SMBC AD Head of Application Security.
**Role Objectives: Delivery**
+ Strong ability to work with stakeholders and being able to explain code issues and fixes to development community.
+ You will work very closely with developers on day-to-day basis to ensure all code in the environment is scanned and reported focusing on SAST, SCA, DAST, IAST and Container Security issues.
+ Interface with development and security architecture teams on topics related to application security for example vulnerability remediation, best practices, threat modeling, etc.
+ Interface with the vulnerability management team to ensure vulnerabilities identified are reported and validated according to SLA's
+ Publish and present high level management reports on State of AppSec Program within Americas Division entities.
+ Some manual testing activities validate vulnerability or penetration testing findings
+ Weekend and night work may be needed at times based on project, support, and business needs.
**Qualifications and Skills**
+ 7+ years of experience as a Application Security analyst or Application Penetration Testing analyst
+ Expertise with programming languages, C#, C++, Java, Python, .Net
+ Ability to read and understand code deficiencies - Required.
+ Ability to write code fixes for stakeholders and create automation scripts to support internal cybersecurity projects.
+ Experience in developing and maturing CI/CD pipeline with respect to code quality and detecting vulnerabilities.
+ 4+ years of experience with Static Application Security Testing (SAST) or Dynamic App Security Testing (DAST)
+ 2+ years of experience with container security issues and container technologies
+ Through understanding of the components of the Secure Software Development Lifecycle
+ Strong knowledge of OWASP Top 10 or CWE
+ Understanding of common software threats and mitigations
+ Must be process and detail oriented, ability to create detailed process documentation.
+ Experience with Jira/Confluence
+ Bug Bounty and/or penetration testing experience a bonus.
+ Have strong verbal and written communication skills.
+ Ability to demonstrate a self-motivated and disciplined approach to learning and working.
+ Ability to work in a team environment and demonstrate leadership skills when needed.
+ Possess a highly developed sense of personal accountability and follow-through with an ability to effectively prioritize multiple personal tasks, projects, and goals.
**Additional Requirements**
SMBC's employees participate in a hybrid workforce model that provides employees with an opportunity to work from home, as well as, from an SMBC office. SMBC requires that employees live within a reasonable commuting distance of their office location. Prospective candidates will learn more about their specific hybrid work schedule during their interview process.
SMBC provides reasonable accommodations during candidacy for applicants with disabilities consistent with applicable federal, state, and local law. If you need a reasonable accommodation during the application process, please let us know at

Job: Security Engineering Manager

Location: Dublin, Ireland

Type: Contract / Perm

Duration: 12 months+

Salary: 95,000 or 500 per day

Hybrid Model: 1 day a week onsite.

We are looking for a talented Security Engineering Service Manager to enhance and safeguard our customer's applications and systems.

The successful candidate will be responsible for managing the secure design, development, implementation and assurance of best-in-class cybersecurity practices. This role focuses on strengthening our digital infrastructure to protect against evolving threats, maintaining compliance with industry standards, and aligning our security measures with strategic business objectives.

The ideal candidate will be able to operate at both strategic and technical levels, ensuring that our customer builds strong internal security capabilities, provides effective management of external partners, while collaborating with cross-functional teams.

We are looking for people with a strong background in Security with the following experience:

• Experience managing third-party security teams or working with managed service providers
• Extensive experience in cybersecurity, security engineering, and risk management
• Robust management and strategic thinking skills
• Expertise in security frameworks, compliance, and threat intelligence
• Proven ability to manage teams, vendors, and security initiatives successfully
• Proficient with ELK Stack, QRadar, Splunk and exposure to HP Arcsight and McAfee Nitro
• Vulnerability Assessment and Management - Kali Linux, Tripwire, Nexpose, Qualys,
• Nessus
• Analyse/Reverse engineer malware to identify threat actors, extract IOCs and
• provide a detailed report
• Proficient in implementing and administering:

o Firewalls - Cisco, Juniper Networks, FortiGate, Palo Alto

o IPS - Tipping point, Fortinet, McAfee, SourceFire, etc.

o ATP & DLP - McAfee EPO, Websense, Symantec, Cyphort, TrendMicro

• Lumension

o Email & Web (proxy) gateways - Cisco IronPort, Forcepoint

o Switches - Cisco, Juniper, Fortinet

o Web Application Firewalls - Barracuda WAF.

o Identity Access Management - RSA secureID.

o File Integrity Monitoring - Tripwire, Bit9

• Forensic Investigation - Encase, Autopsy, FTK Suite, Sleuth Kit, X-Ways, SIFT, F- Response
• Project Management - Contract Deliverables, Mentoring, Cost and Budgeting,
• Client Relations & Presentation, People Management, Resource Augmentation & Training

This is a really exciting job with excellent career progression. You will make a major impact on the business and learn along with way.

**Application Security Engineer (Defender)**
**Location: Europe-Based** (Office/ Hybrid/Home)
**Position Summary:**
We are seeking a passionate and skilled **Application Security Engineer** to join our global Product Security team. As part of a collaborative group of AppSec experts, you'll play a vital role in protecting our innovative software solutions. This is a unique opportunity to work at the forefront of cybersecurity, helping shape secure development practices across a wide range of technologies-from C#, Typescript, JavaScript, Node.js, single-page applications and Electron applications, Azure cloud services, K8s, and more.
**Responsibilities:**
+ Conduct **manual security code reviews** to identify vulnerabilities.
+ Collaborate with developers to ensure **secure design, implementation, and verification** of applications.
+ Provide **remediation guidance** and actionable recommendations.
+ Help define and promote **Secure Software Development Lifecycle (SSDLC)** best practices.
+ ️ Support stakeholders in making **risk-based security decisions** .
+ Deliver **training sessions** and create educational materials for development teams.
+ ️ Build **tools and automation** to streamline security processes.
**Qualifications:**
+ 3+ years of experience in **software development and security** , with a strong focus on **manual code review** and **white-box vulnerability analysis** .
+ Proficiency in reading, writing, and auditing code across multiple languages and platforms.
+ Strong analytical skills and a passion for **software security** and **secure coding practices** .
+ Experience with **web technologies** (JavaScript, HTML5, HTTP, REST, SOAP).
+ Familiarity with programming languages such as **.NET Core, Node.js, C#, Java, TypeScript, C/C++** .
+ Solid understanding of **OWASP Top 10** , **SANS Top 25** , and common security flaws.
+ ️ Hands-on experience with **cloud technologies** (Azure preferred).
+ Proficiency in **containerization** using **Kubernetes and Docker** .
+ Ability to **quickly learn new technologies** and conduct independent research
**Bonus Points:**
+ Experience with **OAuth 2.0 / OpenID Connect** .
+ Ability to **exploit vulnerabilities** (e.g., deserialization, HTTP smuggling).
+ Interest in **fuzzing, reverse engineering, and crash analysis** .
+ Relevant certifications such as **CCSP, CISSP, CEH** , or similar.
**What We Offer:**
+ A great Team and culture - please see our colleague video .
+ An exciting career as an integral part of a world-leading software company providing solutions for architecture, engineering, and construction - watch this short documentary about how we got our start.
+ An attractive salary and benefits package.
+ A commitment to inclusion, belonging, and colleague well-being through global initiatives and resource groups.
+ A company committed to making a real difference by advancing the world's infrastructure for a better quality of life, where your contributions help build a more sustainable, connected, and resilient world. Discover our latest user success stories for an insight into our global impact.

**About Bentley Systems**
Around the world, infrastructure professionals rely on software from Bentley Systems to help them design, build, and operate better and more resilient infrastructure for transportation, water, energy, cities, and more. Founded in 1984 by engineers for engineers, Bentley is the partner of choice for engineering firms and owner-operators worldwide, with software that spans engineering disciplines, industry sectors, and all phases of the infrastructure lifecycle. Through our digital twin solutions, we help infrastructure professionals unlock the value of their data to transform project delivery and asset performance. Opportunity Employer:**
Bentley is proud to be an equal opportunity employer and considers for employment all qualified applicants without regard to race, color, gender/gender identity, sexual orientation, disability, marital status, religion/belief, national origin, caste, age, or any other characteristic protected by local law or unrelated to job qualifications.
**#LI-VP**
**#LI-Remote**
**#LI-Hybrid**
Equal Opportunity Employer/Minorities/Females/Veterans/Disabled

**Our Story**
Unum Technology Centre in Carlow serves as a strategic software development and IT services centre supporting Unum, a leading provider of income protection in the US. Our team of IT professionals build solutions and critical business applications to digitally transform the way we do business.
We're looking for a Senior Application Security Engineer to lead the integration of secure development practices across our SDLC in both cloud and on-prem environments. This role combines hands-on technical expertise with strategic influence, focusing on secure architecture, CI/CD automation, and developer enablement. You'll collaborate with cross-functional teams to drive threat modeling, build secure-by-default tooling, and mentor engineers across Ireland and the US-helping to elevate our overall security maturity and culture.
**Key Responsibilities**
**Secure Software Development & DevSecOps Integration**
+ Architect and integrate security into CI/CD pipelines using modern automation and guardrails.
+ Develop secure frameworks, SDKs, and CI integrations to enable frictionless adoption of security controls.
+ Maintain secure coding standards and guidance tailored to our technology stack.
+ Collaborate with DevOps and platform teams to enhance container and infrastructure security (Docker, Kubernetes, IaC).
**Threat Modeling, Reviews & Remediation**
+ Lead threat modeling workshops across product and platform teams.
+ Identify and assess vulnerabilities using SAST, DAST, SCA, manual code reviews, and penetration testing.
+ Promote reusable remediation patterns for code and infrastructure vulnerabilities.
+ Leverage threat intelligence to prioritize mitigations based on business risk.
**Engineering & Automation**
+ Build and maintain automation tools for vulnerability triage, mitigation, and reporting.
+ Strengthen API security through robust authentication protocols (OAuth 2.0, OpenID Connect, SAML).
+ Integrate with API gateways (e.g., Layer7, MuleSoft) to enforce secure communication and tokenization.
+ Support secure deployment of microservices and distributed systems using best-in-class tooling.
**Security Culture & Enablement**
+ Mentor engineers and analysts, fostering secure development capabilities across teams.
+ Lead internal workshops, onboarding sessions, and lunch-and-learns to promote security awareness.
+ Collaborate with Security Champions to build advocacy and threat modeling expertise.
+ Create internal documentation, playbooks, and training materials aligned with real-world threats.
**Cross-Functional Leadership & Collaboration**
+ Act as a bridge between Security, Engineering, and Product teams to align on secure architecture and SDLC practices.
+ Participate in incident response, forensic analysis, and post-incident remediation.
+ Support compliance initiatives (SOC 2, ISO 27001, HIPAA, PCI DSS, GDPR) through technical guidance and documentation.
+ Define and track KPIs to measure and improve security maturity across the organization.
**Required Qualifications**
+ 5+ years in application security, software engineering, or a related technical security role.
+ Proficient in at least one modern programming language (e.g., Java, C#, Python, JavaScript).
+ Experience with security tools: SAST, DAST, SCA, IaC scanners, RASP.
+ Strong knowledge of cloud infrastructure (AWS preferred), containers (Docker, Kubernetes), and CI/CD security.
+ Familiarity with OWASP Top 10, ASVS, CVSS, MITRE ATT&CK, STRIDE, and software supply chain security.
**Technical Skills**
+ Deep understanding of API security protocols and secure service-to-service communication.
+ Experience with secure artifact/package management and container registries.
+ Ability to script or build internal tools to scale security practices.
+ Hands-on experience with DevSecOps tools (GitHub Actions, Jenkins, GitLab CI, Terraform, etc.).
**Compliance & Governance**
+ Working knowledge of privacy and security regulations (GDPR, CCPA, HIPAA, PCI, SOC 2, ISO 27001).
+ Experience supporting audits, risk assessments, and policy development.
**Preferred Qualifications**
+ Professional certifications (e.g., OSCP, CSSLP, CISSP, Security+).
+ Contributions to open-source security projects or community involvement.
+ Experience with policy-as-code tools (e.g., Open Policy Agent).
+ Familiarity with secure runtimes (e.g., Firecracker), sidecars, or service meshes (e.g., Istio).
**Key Attributes**
+ Strategic thinker with a hands-on, problem-solving mindset.
+ Strong communicator, able to engage both technical and non-technical stakeholders.
+ Collaborative leader with a growth mindset and a passion for mentoring.
+ Comfortable navigating fast-paced, cross-functional environments.
**What We Offer**
Our size and successful history in Carlow means we can offer you exceptional development and progression, supported by continual learning programs, IT Certifications & third level tuition reimbursement. We offer work-life-balance with flexible working arrangements (including hybrid) and initiatives in support of your well-being. Our attractive range of benefits and reward initiatives includes competitive compensation, 25 days annual leave, paid health insurance, pension scheme, annual performance-based bonus, paid maternity/paternity/adoptive leave, reward programs, and an opportunity to engage with charity and community activities.
Company:
Unum

Our Story Unum Technology Centre in Carlow serves as a strategic software development and IT services centre supporting Unum, a leading provider of income protection in the US. Our team of IT professionals build solutions and critical business applications to digitally transform the way we do business. We're looking for a Senior Application Security Engineer to lead the integration of secure development practices across our SDLC in both cloud and on-prem environments. This role combines hands-on technical expertise with strategic influence, focusing on secure architecture, CI/CD automation, and developer enablement. You'll collaborate with cross-functional teams to drive threat modeling, build secure-by-default tooling, and mentor engineers across Ireland and the US-helping to elevate our overall security maturity and culture. Key Responsibilities Secure Software Development & DevSecOps Integration Architect and integrate security into CI/CD pipelines using modern automation and guardrails. Develop secure frameworks, SDKs, and CI integrations to enable frictionless adoption of security controls. Maintain secure coding standards and guidance tailored to our technology stack. Collaborate with DevOps and platform teams to enhance container and infrastructure security (Docker, Kubernetes, IaC). Threat Modeling, Reviews & Remediation Lead threat modeling workshops across product and platform teams. Identify and assess vulnerabilities using SAST, DAST, SCA, manual code reviews, and penetration testing. Promote reusable remediation patterns for code and infrastructure vulnerabilities. Leverage threat intelligence to prioritize mitigations based on business risk. Engineering & Automation Build and maintain automation tools for vulnerability triage, mitigation, and reporting. Strengthen API security through robust authentication protocols (OAuth 2.0, OpenID Connect, SAML). Integrate with API gateways (e.g., Layer7, MuleSoft) to enforce secure communication and tokenization. Support secure deployment of microservices and distributed systems using best-in-class tooling. Security Culture & Enablement Mentor engineers and analysts, fostering secure development capabilities across teams. Lead internal workshops, onboarding sessions, and lunch-and-learns to promote security awareness. Collaborate with Security Champions to build advocacy and threat modeling expertise. Create internal documentation, playbooks, and training materials aligned with real-world threats. Cross-Functional Leadership & Collaboration Act as a bridge between Security, Engineering, and Product teams to align on secure architecture and SDLC practices. Participate in incident response, forensic analysis, and post-incident remediation. Support compliance initiatives (SOC 2, ISO 27001, HIPAA, PCI DSS, GDPR) through technical guidance and documentation. Define and track KPIs to measure and improve security maturity across the organization. Required Qualifications 5+ years in application security, software engineering, or a related technical security role. Proficient in at least one modern programming language (e.g., Java, C#, Python, JavaScript). Experience with security tools: SAST, DAST, SCA, IaC scanners, RASP. Strong knowledge of cloud infrastructure (AWS preferred), containers (Docker, Kubernetes), and CI/CD security. Familiarity with OWASP Top 10, ASVS, CVSS, MITRE ATT&CK, STRIDE, and software supply chain security. Technical Skills Deep understanding of API security protocols and secure service-to-service communication. Experience with secure artifact/package management and container registries. Ability to script or build internal tools to scale security practices. Hands-on experience with DevSecOps tools (GitHub Actions, Jenkins, GitLab CI, Terraform, etc.). Compliance & Governance Working knowledge of privacy and security regulations (GDPR, CCPA, HIPAA, PCI, SOC 2, ISO 27001). Experience supporting audits, risk assessments, and policy development. Preferred Qualifications Professional certifications (e.g., OSCP, CSSLP, CISSP, Security+). Contributions to open-source security projects or community involvement. Experience with policy-as-code tools (e.g., Open Policy Agent). Familiarity with secure runtimes (e.g., Firecracker), sidecars, or service meshes (e.g., Istio). Key Attributes Strategic thinker with a hands-on, problem-solving mindset. Strong communicator, able to engage both technical and non-technical stakeholders. Collaborative leader with a growth mindset and a passion for mentoring. Comfortable navigating fast-paced, cross-functional environments. What We Offer Our size and successful history in Carlow means we can offer you exceptional development and progression, supported by continual learning programs, IT Certifications & third level tuition reimbursement. We offer work-life-balance with flexible working arrangements (including hybrid) and initiatives in support of your well-being. Our attractive range of benefits and reward initiatives includes competitive compensation, 25 days annual leave, paid health insurance, pension scheme, annual performance-based bonus, paid maternity/paternity/adoptive leave, reward programs, and an opportunity to engage with charity and community activities. Company: Unum To be considered for this role you will be redirected to and must complete the application process on our careers page. To start the process, click the Apply button below to Login/Register.

Description
The Global Services, Security (GSS) team, a part of Amazon Web Services, leverages the expertise and ingenuity of our builders to establish scalable security solutions for both internal and external customers that drive business outcomes. Our goal of securing the world's workloads and building a brighter future for humanity requires us to focus on reliable delivery of bar raising security outcomes and investment in security mechanisms and automation on behalf of our customers.
At Amazon Web Services (AWS), Security is our highest priority. The Security Escalations team in GSS is responsible for the security of services offered by Sales, Marketing and Global Services (SMGS). We are looking for a passionate, innovative, results oriented technical program manager. Security Escalations is responsible for driving innovative enhancements that raise the bar for how AWS employees interact with resources, systems, and data. You are someone who loves managing programs and is committed to formulating and implementing wide-ranging process improvements. You are passionate about the security of the cloud and you want to solve real business problems. We have a team culture that encourages innovation and we expect team members and management alike to take a high degree of ownership for their program vision and execution of ideas. You possess strong verbal and written communication skills, can operate independently, and have a consistent track record of delivery. You have an understanding of technical concepts, and possess a broad understanding of AWS services. You are organized, detail-oriented, and drive towards improved performance while advocating for customer needs.
A Security Engineer must foster constructive dialogue and seek resolution when confronted with discordant views. Engineers in this role are expected to participate fully in the planning of the security team's work and constantly seek opportunities for process improvement. They should also have a deep understanding of at least one specialty for which they are a sought out resource (both within AWS and Partner Security, and by groups throughout Amazon), while having an understanding of the application of Information Security in a broad range of technical areas.
You will have the combination of troubleshooting, technical, and communication skills, as well as the ability to handle a mix of disparate tasks which may include project and software development work. This role will provide career growth opportunities as you gain new security skills in the course of your duties.
Key job responsibilities
A successful candidate will need a combination of troubleshooting, technical, and communication skills, as well as the ability to handle a mix of disparate tasks which may include small-projects in addition to managing incident response activities. This role will provide career growth opportunities as you gain new security skills in the course of your duties.
Triage new incoming issues to determine the level of risk they present to AWS, and then accordingly prioritise its remediation in conjunction with the impacted service team.
Participate in efforts to promote security throughout the Company and build good working relationships within the team and with others across Amazon
Demonstrate high capacity and tolerance for context switching and interruptions while remaining productive and effective
Escalate issues to senior AWS leadership if you feel your issues are not progressing at the correct pace based on impact to ensure we are putting customers first.
Explore building and improving our tooling to make your own life easier and share that benefit with all our engineers globally.
Assistance with recruiting activities and administrative work
Key job responsibilities
- Lead the triage and response to security incidents, assessing their potential impact on AWS systems and customers.
- Coordinate with service teams to implement rapid, effective remediation strategies.
- Develop and maintain incident response playbooks and procedures.
- Security Operations:
- Monitor security alerts and logs to detect potential threats or anomalies.
- Conduct thorough post-incident analyses and contribute to lessons-learned documentation.
- Collaborate with other security teams to improve detection and response capabilities.
- Automation and Tool Development:
- Design and implement automation tools to enhance incident response efficiency and effectiveness.
- Continuously improve existing security tooling and processes.
- Share innovations and best practices with the global AWS security community.
A day in the life
AWS Global Services includes experts from across AWS who help our customers design, build, operate, and secure their cloud environments. Customers innovate with AWS Professional Services, upskill with AWS Training and Certification, optimize with AWS Support and Managed Services, and meet objectives with AWS Security Assurance Services. Our expertise and emerging technologies include AWS Partners, AWS Sovereign Cloud, AWS International Product, and the Generative AI Innovation Center. You'll join a diverse team of technical experts in dozens of countries who help customers achieve more with the AWS cloud.
About the team
As a Security Engineer, you will build or enhance existing automation to improve operational efficiency or generate new insights from existing data. You will identify, evaluate, and prioritize opportunities for automating Partner Security mechanisms across a diverse landscape of business tools, systems, and architectures. You will meet with other teams across the Global Services organization to collaborate on security mechanisms, like partner onboarding and offboarding workflows, to improve consistency and compliance throughout the organization.
You will contribute to security training programs, best practices documentation, and security policies tailored for internal teams engaging with subcontracted partners. You will implement scalable processes and tooling solutions to facilitate regular audits of partner security controls and compliance standards. Additionally, you will provide technical expertise and support for ongoing security assessments of Partners and subcontractors within the SMGS business units, ensuring adherence to AWS security standards
Diverse Experiences
AWS values diverse experiences. Even if you do not meet all of the preferred qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn't followed a traditional path, or includes alternative experiences, don't let it stop you from applying.
Why AWS?
Amazon Web Services (AWS) is the world's most comprehensive and broadly adopted cloud platform. We pioneered cloud computing and never stopped innovating - that's why customers from the most successful startups to Global 500 companies trust our robust suite of products and services to power their businesses.
Inclusive Team Culture
AWS values curiosity and connection. Our employee-led and company-sponsored affinity groups promote inclusion and empower our people to take pride in what makes us unique. Our inclusion events foster stronger, more collaborative teams. Our continual innovation is fueled by the bold ideas, fresh perspectives, and passionate voices our teams bring to everything we do.
Mentorship & Career Growth
We're continuously raising our performance bar as we strive to become Earth's Best Employer. That's why you'll find endless knowledge-sharing, mentorship and other career-advancing resources here to help you develop into a better-rounded professional.
Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why we strive for flexibility as part of our working culture. When we feel supported in the workplace and at home, there's nothing we can't achieve.
Basic Qualifications
- This role requires you to be a national of an EU member state
- 3+ years of any combination of the following: threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system administration and network security experience
- Knowledge of commonly found software security vulnerabilities (like OWASP top 10) and remediation techniques
- 2+ years of programming in one of the following or similar: Python, Ruby, Go, Swift, Java, .Net, C++.
Preferred Qualifications
- Experience with AWS products and services
- Experience with any combination of the following: threat modelling, secure coding, identity management and authentication, software development, cryptography, system administration and network security
- Experience with Security Engineering (building tools) and Assurance methodologies e.g. fuzzing, static and dynamic code analysis
Amazon is an equal opportunities employer. We believe passionately that employing a diverse workforce is central to our success. We make recruiting decisions based on your experience and skills. We value your passion to discover, invent, simplify and build. Protecting your privacy and the security of your data is a longstanding top priority for Amazon. Please consult our Privacy Notice ( ) to know more about how we collect, use and transfer the personal data of our candidates.
Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region you're applying in isn't listed, please contact your Recruiting Partner.