Your skills and experience:
- An Application Security background with associated experience and qualifications
- Excellent written and verbal communication skills
- Have a push left mentality
- Help engineers understand vulnerabilities from various sources and how to prioritise them
- Have knowledge of the Secure Software Development Lifecycle
- Understand and establish the OWASP ASVS across the platform
- Understand and assess current software development practices against OWASP SAMM
- Understand and be able to communicate the application of Secure Coding Practices
- Knowledge of current browser security features
- Knowledge of best practice for both front and backend applications
- Knowledge of Dynamic Application Security Testing and implementation
- Knowledge of Static Application Security Testing and implementation
The following would be beneficial:
- Knowledge of Scala or have a software development background
- Experience of establishing a security champion programme or developing and fostering a security community
- Knowledge of the PCI DSS
- An understanding of Supply Chain security, standards, and best practice