Job Description
A Security Champion is required for the Open Banking Programme. The role involves working across Development teams; reviewing Systems Designs and Architecture, including Operations and Governance; engaging with Industry to assess the impact of imposing changes to the Bank's infrastructure and/or solution design; translating Industry security requirements internally; and performing threat analysis and creating threat models.
Mandatory Skills:
- System Analysis
- Full Stack
- Jenkins
- Spring Security
- Continuous Delivery
- Scrum/Agile
- Software Deployment
- Systems Administration
- Testing
Desirable Skills:
- Software Architecture
- Postman
- Sonarqube
Key Responsibilities:
- Design & execute security testing against implemented solutions, exposing vulnerabilities and supporting the design of secure fixes/solutions.
- Security support to developers: analyse code design, perform static code reviews for security issues, and provide guidance on best practices.
- Co-ordinate pentesting with InfoSec, review pentest reports, and identify solutions / close vulnerabilities with the dev team.
Team Structure:
- Derive attack approaches and review User Stories or design changes with solution architecture.
- Build security user stories, and review stories with security acceptance criteria for unit testing purposes.
- Ensure requirements have been assessed against the OWASP ASVS requirements, and help to review security-sensitive code.
- Static Security Analysis Testing (SAST) using automated pipeline builds.
Additional Information:
- Provide guidance on: secure headers, relevant playbooks, hardening of runtimes, use of open-source libraries, safe configuration of web applications, and secure coding guidelines.
- Maintain a good understanding of Public Key Infrastructure and cryptography.
Personal or Behavioural Skills:
- Work with architecture on secure architecture patterns such as OAuth 2.0 / OpenID / CIBA or MODRNA.
- Understand security risks, document them and feed them into the backlog / ORA / Project RAID log.
- Determine security solutions to address any security concerns.