Hybrid Application Security Officer

Recruiter: Confidential
Location: Borehamwood
Salary: Competitive
Posted: 22 Jun 2022
Closes: 20 Jul 2022
Contract Type: Permanent
Hours: Full Time

Hybrid Application Security Officer required to work in Borehamwood.

You will need to be fully trained first, working in my client's HQ in Borehamwood; after that you will be able to work from home 2/3 days a week.

This position comes with great benefits, including an excellent pension, decent holidays, etc.

Job responsibilities:

* Define consistent Secure Software Development Life-cycle practices, including SAST/DAST and SCA, for all technology projects throughout the planning and delivery cycles, to assure that application security risks are mitigated.

* Work closely with wider teams to perform/lead assessments to risk-profile new and existing IT applications/assets, security architecture and low-level application security design.

* Provide SME input on the security measures and controls that must be incorporated as security in design to mitigate risk during new application on-boarding, project delivery, or enhancements to existing IT assets.

* Working with wider IT teams, review the projected compliance of the IT asset with the recommended security controls and measures, and feed into the various Security and Architecture review committees with a security decision or reservations.

* Provide guidance during mitigation development.

* Security verification and validation via scheduling and coordination of penetration testing/re-tests, including collaborating with development teams to ensure remediation of risks identified.

* Work with the Business & IT Continuity Officer to ensure the Critical Asset recovery plans are up to date and that adequate scenarios for BCP/Disaster recovery are well established, planned and tested.

Skills required:

* In-depth knowledge of security concepts, OWASP Top 10 and CWE 25

* Worked on Legacy systems, integrated to IT applications & assets

* Design Risk Profile Application

* Understanding of current and emerging security technologies and threats.

* Proficient with methodologies, tools, best practices and processes across various cyber-security areas

* Proven experience with threat modelling and risk analysis

* Experience coordinating pen testing/vulnerability analysis frameworks and tools

Please send in your CV if you have the above skills and would like to grow alongside a well-established company based in Borehamwood.