Secure System Development Specialists
| Posting date: | 24 September 2025 |
|---|---|
| Salary: | £33,800 to £34,800 per year |
| Hours: | Full time |
| Closing date: | 24 October 2025 |
| Location: | London, UK |
| Remote working: | On-site only |
| Company: | BANSI GLOBAL SOLUTIONS LTD |
| Job type: | Contract |
| Job reference: | |

Summary
Job Purpose:
The Secure System Development Specialist is responsible for ensuring that all software and systems are designed, developed, and maintained in line with secure coding principles, regulatory requirements (e.g., ISO 27001, NIST, GDPR, UK Cyber Essentials), and organizational security policies. The role focuses on building resilience into applications and infrastructure from the outset, reducing vulnerabilities, and enabling compliance with internal and external security standards.
Key Duties and Responsibilities
1. Secure Software Development
Apply secure coding practices throughout the Software Development Life Cycle (SDLC).
Review, design, and implement system architecture to mitigate security risks.
Conduct static and dynamic code analysis to identify vulnerabilities.
Ensure integration of security controls into CI/CD pipelines.
2. Security Reviews and Assurance
Perform security reviews of requirements, designs, and code before release.
Collaborate with DevOps and QA teams to embed automated security testing.
Provide remediation guidance to developers on identified vulnerabilities.
Validate third-party libraries and APIs for security compliance.
3. Compliance and Standards
Ensure software systems comply with regulatory frameworks (e.g., UK GDPR, UK NCSC guidance, PCI DSS, ISO 27001).
Maintain awareness of UKVI, Home Office, and government IT compliance requirements if applicable.
Document development processes, security controls, and assurance evidence for audits.
4. Risk and Incident Management
Participate in threat modelling, risk assessments, and penetration testing planning.
Investigate reported vulnerabilities or breaches in custom applications.
Support incident response teams with technical analysis and fixes.
5. Training and Awareness
Train and mentor developers in secure coding and best practices.
Promote a “security by design” culture across IT and project teams.