Head of Application Security - West Midlands (Region), United Kingdom - Akkodis

Posted by: Tom O´Connor, beBee Recruiter


Description

Job Title:
Head of Application Security


Location:
West Midlands


Duration:
Permanent


Salary:
£75,000 - £90,000


Primary Responsibilities:


  • Defining developer secure coding practices and ensuring that developers and QA/test personnel are trained with the appropriate level of security knowledge to perform their daily activities;
  • Improving and maintaining secure development standards;
  • Managing penetration testing services, including delivering a continuous penetration testing programme and driving remediation;
  • Supporting supplier security activities to ensure third-party software development meets company security standards;
  • Integrating threat modelling practices into the product/software development lifecycle;

Key Dimensions:


  • The role holder must be able to work with and influence developers, suppliers, QA/test, and Project/Programme delivery colleagues across the whole company ecosystem. Strong leadership skills and effective management of highly technical individuals are critical.
  • Excellent verbal and written communication skills, including experience speaking to leadership and technical colleagues, and writing technical documents.

Professional Experience:


  • Familiarity with waterfall and agile development processes, and experience of integrating secure development practices into both methods.
  • Ability to work at senior level and ensure that tactical activity supports the strategic picture.
  • Commercial experience from product selection through to vendor relationship and service management.
  • Agility of thought and comfort with complexity, together with the patience and resilience to overcome change inertia.
  • The will to succeed in support of the business' goals and to align potentially competing agendas to effectively manage cyber security risk within the business risk appetite.
  • Familiarity with a variety of development and testing tools (SAST and DAST), for example: Visual Studio, Tenable/Nessus, Git, Azure DevOps Pipelines, SonarQube.
  • Ability to explain vulnerabilities and weaknesses described in commonly used frameworks (for example OWASP Top 10, WASC TCv2, and/or CWE 25) to any audience, and to discuss effective defensive techniques.
  • Familiarity with industry standards and regulations, e.g. PCI, ISO27001, NIST, etc.
  • Holding, or being willing to work towards, recognised security-related qualifications (e.g. CISM, CISSP) is preferred.

Both Modis International Ltd and Modis Europe Ltd are Equal Opportunities Employers.
