Connecting to LinkedIn...

Technical Security Assurance Lead

Job Title: Technical Security Assurance Lead
Contract Type: Contract
Location: London, United Kingdom
Industry:
REF: 1455
Contact Name: Mark Gale
Job Published: about 1 year ago

Job Description

Technical Security Assurance Lead - London - Retail

 

As Technical Security Assurance Lead you will work across the entire Technology team at this leading retailer, as one of their subject matter experts in Security Assurance supported by your understanding of the wider Cyber Security landscape. You will be primarily supporting their software engineers and architects, as they embark on exciting new projects and programs. Finally, you will be an integral part of developing their software assurance strategy – working closely with the Security Architect and the Secure Engineering Lead.

 

Duties

  • Formalise the Security Assurance function including surrounding activities [full stack from infrastructure up to application]
  • Liaise and manage 3rd parties for penetration testing and assuring testing quality
  • This role will not involve hands on penetration testing, beyond false positive checking
  • Perform second reviews of architectural analysis and security code reviews
  • Work closely with development, compliance and architecture functions within the business to implement security by design
  • Review SAST and DAST reports, providing mitigation and remediation guidance

 

Your experience:

  • An understanding and appreciation of cloud hosted service infrastructure
  • Willing to adapt to API-first microservices software craftmanship
  • Expert level experience in application penetration testing
  • Development experience in one or more of the following languages C#, Java, Swift, JavaScript
  • Good understanding of various Azure services and security components, such as for example KeyVault, Cloud Services, Service Bus, etc
  • The ability to articulate vulnerabilities to development teams to facilitate remediation
  • Experience in threat modelling and or architectural analysis
  • The ability to articulate mitigation and development techniques

 

Initial 3-6 month contract based in London