Lead Software Security Engineer

Ideas | People | Trust

We're BDO. An accountancy and business advisory firm, providing the advice and solutions entrepreneurial organisations need to navigate today's changing world.

We work with the companies that are Britain's economic engine - ambitious, entrepreneurially-spirited and high growth businesses that fuel the economy - and directly advise the owners and management teams that lead them.

We'll broaden your horizons

To ensure our services and applications are fit for the modern market, our IT team collaborates with every department. They develop, explore, and implement new ideas helping us to change the future of accounting, tax, and business consulting. They also maintain the technology that keeps us advancing. By testing and adopting the future of financial technical solutions, they find new and exciting ways to drive us forward. You could too. In an IT role at BDO, you'll become part of a team that acts as the backbone for our business. Regardless of your skillset, we'll provide the training and support to help you achieve your goals.

We'll help you succeed

Leading organisations trust us because of the quality of our advice. That quality stems from a thorough understanding of their business, built through close collaboration and long-lasting relationships.

As a candidate, you'll be comfortable working proactively and managing your own tasks, as well as collaborating with others and communicating regularly with senior managers, directors, and partners to support businesses effectively. You'll be encouraged to identify opportunities to enhance our delivery and expand our services.

We are seeking a highly motivated and experienced Lead Software Security Engineer to join our team. You will have a strong background in software development, security, and operations. This role supports the Digital Product Management team by embedding security requirements and best practices into new Digital Products and Services. You will work closely with the Digital Product Management and IT Security teams to establish and build appropriate security controls and quality gates across the product lifecycle, including security tooling.

In this role, you'll also:

1. Collaborate with software development teams to integrate security into the development lifecycle.
2. Lead the cultural shift towards a Security DevSecOps mindset.
3. Manage and implement security controls, tools, and processes to secure applications and infrastructure.
4. Monitor and respond to security incidents and threats promptly.
5. Stay updated with security trends and best practices to improve our security posture.
6. Automate security testing and deployment processes for rapid and secure software delivery.
7. Develop and maintain security documentation and training materials.
8. Develop and implement the product security strategy aligned with organizational goals.
9. Integrate Application Security Tools within existing development processes.
10. Assist with planning and executing application penetration tests.
11. Serve as a Subject Matter Expert (SME) in Application Security.
12. Define security Non-Functional Requirements (NFRs) and ensure compliance.
13. Report on compliance with security standards.

You'll be someone with:

1. Strong experience in software development and security.
2. Proficiency in scripting languages such as PowerShell, YAML, JSON, etc.
3. Experience collaborating with development teams to embed security best practices into the SDLC.
4. Experience overseeing vulnerability management and remediation efforts, including responses to pen test findings.
5. Experience conducting risk assessments and threat modeling.
6. Knowledge of security standards and secure development principles (e.g., NCSC, OWASP, NIST SSDF, ISO27001).
7. Experience with Azure cloud infrastructure, especially Azure PaaS.
8. Experience with Azure DevOps, CI/CD, and backlog management.
9. Ability to prepare and present security reports to senior management.
10. Expertise with security tools and DevSecOps processes.
11. Bachelor's or Master's degree in Computer Science, Cybersecurity, or related field (preferred).

We value authenticity and support agile working, offering flexible ways to work that suit you and your team. We are committed to your career development through various programs, resources, and frameworks.

We foster a people-centred culture based on mutual support and respect. Our state-of-the-art collaboration spaces and multidisciplinary events encourage continuous learning and networking.

At BDO, we aim to empower entrepreneurial businesses to succeed, fueling the UK economy. Our success is driven by our people, and we continually invest in your growth. We are confident in our future, building on our strengths with a focus on global reach, integrity, and expertise. We shape the future together with openness and clarity, encouraging innovative thinking to improve our ways of working.