A government job board in London is seeking a Security Subject Matter Expert to perform security activities including risk assessments and vulnerability management. The role involves acting as the main contact for security within project planning and execution, reviewing security design and assessment reports, and advising on regulatory requirements. Strong experience with DevSecOps and web application security assessments is required. Competitive compensation and benefits included.
Role responsibilities:
* Perform security activities, including but not limited to, security design reviews, risk assessments, threat modelling, and vulnerability management and risk mitigation
* Act as the main security point of contact & SME
* Conduct high-level and low-level technical risk assessments
* Act as the Security subject matter expert within Agile/waterfall project planning, development, and execution
* Obtain and review all required artefacts as part of the application security framework
* Conduct document and conceptual design reviews
* Experience with DevSecOps (e.g. CI/CD pipelines), developing security requirements
* On-demand security assessment of various components like web apps, containers, cloud platforms, etc.
* Review security assessment reports and create a remediation pipeline
* Experience in web application security assessments like SAST, DAST, IaC, etc.
* Drive security evaluation early in the cycles through iterative security testing
* Provide advisory services and direction to development teams during development cycles
* Manage control exemptions/remediations identified through projects
* Advise on external regulatory requirements
* Provide metrics for relevant areas of responsibility when required
* Challenge stakeholders to ensure security is efficiently delivered
* Mediate between development and security teams to facilitate business.