I am looking to speak to experienced Application Security Engineers who have worked on DevSecOps projects. Joining the Cyber Security programme, you will be responsible for identifying security gaps in the current DevOps processes & Cloud environments, and proposing solutions to remediate these.
The role is for a well-known media client on a hybrid WFH model with 2-3 days per week working in their Central London head office.
- Working with the AppSec team, discover, develop and update their inventory of production applications and services so vulnerability remediation can be prioritised
- Work with the Cyber Security team, Platform team and Engineering teams to implement automated security tooling within the agreed CI/CD pipelines. e.g. SCA, SAST, IaC, Container Scanning etc.
- Assist the organisation to shift from a DevOps model to a DevSecOps model.
- Automate security testing and vulnerability management procedures wherever possible.
- Work with our Platform Engineering team to ensure the process for deploying containers is secure and container vulnerabilities are remediated prior to deployment.
- Working with the AppSec Lead, provide the overall design and implementation of a gated process for DevSecOps delivery, ensuring alignment with Cyber Security requirements.
- Support with coordinating technical security scanning, testing, application security testing and similar monitoring and validation techniques, where required.
- Minimum 4 years experience of Application Security and Software Development having worked and delivered multiple Application Security projects
- Scoping, development and publication of comprehensive application security standards, policies, procedures and guidelines.
- Discovering, design and implementation of application security frameworks
- Developing and implementing appropriate S-SDLC models
- Experience with SAST, SCA, IaC and Container scanning security tools including the development and reporting of KPI's & continual service improvement processes
- Experience of configuration management tools such as Terraform and Ansible
The expected rate is in the region of £475 outside IR35 (might be flex depending on experience).
There is a very high chance of extension past 6-months.
If the above position sounds of interest please apply with an updated CV.
Lawrence Harvey is acting as an Employment Business in regards to this position. Visit our website and follow us on Twitter for all live vacancies (lawharveyjobs)