This role sits within the Cyber Security Programme team reporting to the VP of Integration Projects.
Working within the Programme team you will deliver Application Security & Vulnerability Management Projects via an established project delivery life cycle and under a stage gated governance approach.
A successful candidate will come from a change delivery background and will have held similar positions delivering security projects across a number of security domains. Ideally you will also have knowledge of security control frameworks such as NIST, ISO and CIS 20.
- Experience of running cyber security projects for at least 5+ years
- 10+ years' experience of full lifecycle project management
- Experience delivering Cyber Security Vulnerability Management (VM) and Application Security projects, ideally covering all of the below components.
Vulnerability management:
- Scoping, implementing and embedding VM standards, inventory tools, processes and frameworks for identification, prioritisation and end to end management of different classes of assets & systems across large estates
- Integration of vulnerability management tools such as Rapid7 to support tagging and automatic ITSM ticketing of incidents in systems such as ServiceNow.
- Designing and implementing processes for end to end life cycle management and remediating vulnerabilities.
Application Security:
- Discovering monitoring / alerting solutions across product estates, performing and closing gap analysis and transitioning across to SOC / Operational teams.
- Identifying, defining and implementing requirements for Application Security tooling. Managing, publishing and evaluating RFI/RFPs and selecting vendors.
- Manage the scoping, development and publication of comprehensive application security and privacy standards, policies, procedures and guidelines.
- Discovery, design and implementation of application security frameworks for ranking/tiering product/application portfolios, including risk factors and data classifications.
- Identifying, developing and implementing appropriate S-SDLC models and frameworks which incorporate tooling.
- Experience delivering PoCs for application security tooling.
- Coordination of pen-testing via 3rd parties, including establishing schedules for tiered apps across estates.
- Understand change impact to business and developers' day-to-day workloads for the remediation of vulnerabilities under an agreed standard.
- Experience with SAST, SCA, IaC and container scanning security tools, including the development and reporting of KPIs and continual service improvement processes.
Job Information
Job Reference: JO-2212-329575
Salary: £550 - £570 per annum + Hybrid working - OUTSIDE IR356
Salary per: annum
Job Duration: 6 month rolling
Job Start Date: ASAP
Job Industries: Cyber Security Jobs
Job Locations: Greater London
Job Types: Contract
Job Skills: Application Security, Cyber, threat