Lead Software Security Engineer

Job Description

Ideas | People | Trust

We’re BDO, an accountancy and business advisory firm providing the advice and solutions entrepreneurial organizations need to navigate today’s changing world.

We work with Britain’s economic engine—ambitious, entrepreneurial, high-growth businesses—and directly advise their owners and management teams.

We’ll broaden your horizons

Our IT team collaborates across departments to develop and implement innovative ideas, shaping the future of accounting, tax, and business consulting. They maintain essential technology and adopt new financial technical solutions to drive progress. As part of our IT team, you’ll be supported and trained to achieve your goals.

We’ll help you succeed

Our reputation is built on delivering high-quality advice through deep understanding and strong relationships with clients. You’ll work proactively and collaboratively, communicating with senior managers and partners to enhance our services and identify new opportunities.

We are seeking a highly motivated Lead Software Security Engineer to support our Digital Product Management team. You will have a strong background in software development, security, and operations, embedding security best practices into new digital products and services, and working closely with security and product teams.

In this role, you will:

1. Collaborate with development teams to integrate security into the development lifecycle.
2. Lead the cultural shift towards a Security DevSecOps mindset.
3. Manage security controls, tools, and processes for applications and infrastructure.
4. Monitor and respond to security incidents promptly.
5. Stay updated on security trends and improve security posture.
6. Automate security testing and deployment processes.
7. Develop security documentation and training materials.
8. Define and implement the product security strategy.
9. Integrate security tools within existing development processes.
10. Plan and execute application penetration tests.
11. Serve as a Subject Matter Expert in Application Security.
12. Ensure security Non-Functional Requirements (NFRs) are met.
13. Report on compliance with security standards.

You’ll be someone with:

• Significant experience in software development and security.
• Proficiency in scripting languages such as PowerShell, YAML, JSON.
• Experience integrating security into SDLC and managing vulnerabilities.
• Knowledge of risk assessments, threat modeling, and security design reviews.
• Strong understanding of Agile, DevSecOps, and system engineering principles.
• Familiarity with security standards like NCSC, OWASP, NIST SSDF, ISO27001, and Azure security practices.
• Experience with Azure cloud infrastructure, PaaS, and DevOps tools.
• Ability to prepare and present security reports to senior management.
• Degree in Computer Science, Cybersecurity, or related field (preferred).

We value authenticity and support flexible working arrangements. We are committed to your career development through various programs and resources.

We’re in it together

Mutual support and respect are core to BDO’s culture. We offer mentoring, coaching, and state-of-the-art collaboration spaces to foster learning and teamwork. We encourage you to build your network and share your expertise.

We’re looking forward to the future

Our success depends on our people. We invest in your growth as we help entrepreneurial businesses succeed, fueling the UK economy. We are evolving to maintain our strengths and build on our global reach, integrity, and expertise. We shape the future with openness and clarity, empowering creative thinking to improve our ways of working.

#TJ-JB1

#LI-JB1