Skip to main content Skip to job search

Application Security Engineer - Open Banking

Application Security Engineer - Open Banking

  • Location: Swindon, London, UK Wide
  • Salary: Competitive
  • Contract Type: Permanent
  • Ref: R002801313
  • Closing Date: 26 August 2019

Job description

Application Security Engineer

Location: Swindon & London

It’s easy to misunderstand what Nationwide is like. Why? Because we’re not like a bank. We’re not like other financial services companies either. As an Application Security Engineer here, you’ll sit within a growing delivery team optimising user and member experience, working at the heart of our IT estate on our Financial Crime and Risk applications.

Who we're looking for

You. We hope, anyway. We are looking for an Application Security Engineer with experience in designing for security and secure programming – working as a security engineering subject matter expert across our verity of systems portfolio and more specifically on our Open Banking Compliance programme.

You should have demonstrable experience in aspects of…

• Full appreciation of Software Development Lifecycles and knowledge of Agile and DevSecOps
• Programming languages (.Net, Java…), and their strengths and weaknesses in regard to security and their application (Software development background is beneficial)
• Application perimeter defence (i.e. Web Application Firewalls)
• API gateway and Service Mesh and their security implications (i.e. APIGEE, ISTIO…)
• Design for security, threat modelling and application security methodologies and frameworks (i.e. Microsoft SDL,OWASP ASVS…)
• Distributed systems security architectures (Microservices, containerisation, container orchestration systems [i.e. K8s], cloud application security concepts…)
• Enterprise Application Integration patterns and their relevant security concerns (SOAP based Service Oriented Architecture, SOA with REST…)
• Distributed SQL and NoSQL databases and the concept of eventual consistency and integrity assurance (i.e. Cassandra)
• Authentication and authorisation protocols (i.e. OAuth2.0, OpenID Connect, Attribute Based Access Control (ABAC), Role Based Access Control (RBAC))
• Security tokens and their design (i.e. SAML, JWT, Kerberos tickets)
• Cryptographic primitives and protocols and their applications and limitations

What you'll be doing

You will be involved in all phases of the Software Development Lifecycle, thinking end to end. You will be the security engineering subject matter expert and will work alongside other engineers to deliver both technical and design outcomes as well as collaborating across other technical delivery and support areas, providing advice and consultancy. It is worth mentioning that security engineers are mainly accountable for the Protect function of our enterprise cybersecurity framework.

• Engagement with programmes & projects to provide expert input from early life through to production support
• Accountable for Detailed Design for Security and Secure Programming
• Engineering of Secure Software solutions, including design & code reviews from security perspective
• Threat modelling
• Understanding the business impact of technical problems and be comfortable making risk assessments

The extras you'll get

Feeling as though you belong means feeling valued, recognised and rewarded. We aim to give all of our people a good work-life balance, so you’ll receive your schedule in advance, helping you to work around your day-to-day life, and we show our support through the recognition and rewards scheme we offer.


We’d love it if you joined us. Click apply today and send us your CV to take the first step towards building society, nationwide. Please note: To help us do the right thing by our members, all applicants will be subject to a criminal record, credit check and references.

Work with PRIDE

Princes Responsible Business Network
Stonewall Diversity Champion
Business Disability Forum Member

Why work for us?

Nationwide is the world’s largest building society. But, however large we grow, we will never lose sight of what makes us different: our commitment to our members and to building our society in the right way. Our goal is to be more than a business. We want to be known as an organisation that is always open, honest and trustworthy, where people are helped, supported and loyal. After all, we’re a building society. So we’re building our ‘society’ with a sense of community and with a collective belief in the idea that we’re all here to help each other. That’s what we’re all about and that’s what makes us different.