Job Title: | Application Security Lead |
Contract Type: | Permanent |
Location: | Reading |
Industry: | |
Salary: | Negotiable |
Start Date: | ASAP |
REF: | App Security Lead_1661504411 |
Contact Name: | Nicole Craig |
Contact Email: | Nicole.Craig@projectpeople.com |
Job Published: | over 1 year ago |
Job Description
Role: Application Security Lead
Location: Reading/Hybrid
Length: Permanent
A leading telecoms company are looking for an experienced Application Security Lead to join their team based in Reading.
Responsibilities:
- Provide guidance on application security architecture, DevSecOps best practices & solutions to help business units to build & deliver solutions that meet security requirements.
- Develop threat models and maturity assessments that can be used to integrate security requirements into projects & operations.
- Create an application security observability framework to enable greater GSOC visibility by identifying best practices for logging within common application architectures.
- Define and conduct application security threat and risk assessments with methodology for all deployed solutions with ability to integrate into development pipelines.
- Conduct Secure SDLC (Software Development Life Cycle) workshops and working groups to facilitate a consistent set of security baselines for application security.
- Advocate for AppSec and DevSecOps from research conducted into modern threats and new technologies such containerisation and serverless computing.
- Liaise with security architects and other business units to communicate security practices and processes.
- Support identification, training, and partnership with champions for security across to build a security first culture.
- Support security champions by helping them assess risk, learn to identify architectural gaps, and similar activities.
- Support development of training related to application security, security architecture, threat modelling, and secure coding.
Experience & Skills:
- A University Degree in engineering, computer science or similar technical related area, with vast experience in an AppSec role.
- Relevant security certification(s), preferably in AppSec, including but not limited to CISSP, CCSLP, GIAC, OCSP, GPEN, etc.
- You have knowledge and proven experience within Information security, Application security (OWASP), Cloud security, and secure continuous delivery.
- Experience with the full secure software or systems development life cycle, including requirements analysis, design, integration, testing, and implementation.
- A deep technical background in large-scale multi-tenant & container based cloud environments.
- Comfortable with large codebases that are using multiple languages and infrastructure as code.
- You are comfortable delving into code when needed, review pull requests and stay close to the team's work.
- A good understanding of business needs and objectives.
- Ability to drive change and take initiative in a self-sufficient way.
- Understanding of Agile development and systems thinking.
- Experienced in defining a strategy to follow and adopting that strategy across large multi-role teams.
- Outstanding interpersonal skills, and ability to build strong relationships across a dynamic, growing team.
- Can provide pragmatic technical leadership for a group of fast moving engineers.
Project People is acting as an Employment Agency in relation to this vacancy.
SIMILAR ROLES
-
Lead Cyber Security Consultant- Contract - Hybrid -Reading
Location: Reading
Salary: Negotiable
-
Network Build Engineer (Juniper/Cisco/JNICA/CCNA)
Location: Bracknell
Salary: Negotiable
-
Security Architect
Location: Hampshire
Salary: Negotiable
-
HEAD OF INFORMATION SECURITY OPERATIONS- CONTRACT
Location: Reading
Salary: Negotiable
-
Messaging Engineer
Location: Stevenage
Salary: Negotiable
-
3rd Line WAN Network Support & Project Engineer
Location: Solihull
Salary: Negotiable