Job Description
A Security Champion is required for the Open Banking Programme. The role works across Development teams and involves ongoing reviews of Systems Design & Architecture, including Operations & Governance, and ongoing engagement with Industry to assess the impact of changes imposed on the Bank's infrastructure and/or solution design, translating these into requirements. Perform threat analysis at different stages, modelling the system.
Key Responsibilities:
- Review and give feedback on the proposed specifications provided by Open Banking, attend workshops to review specifications from a security perspective, and determine the changes these impose on the Bank's infrastructure and/or solution design, translating these into requirements.
- Provide security support to developers: analyse code design, perform static code reviews for security issues, and provide guidance on best practices.
Team Structure:
- Derive attack approaches and review User Stories or design changes with solution architecture.
- Build security user stories and review stories with security acceptance criteria for unit testing purposes.
- Ensure requirements have been assessed against the OWASP ASVS requirements, and help to review security-sensitive code.
- Static Security Analysis Testing (SAST) using automated pipeline builds.
Personal Or Behavioural Skills:
- Provide guidance on: secure headers, relevant playbooks, hardening of runtimes, use of open-source libraries, safe configuration of web applications, and secure coding guidelines.
- Maintain a good understanding of Public Key Infrastructure and cryptography.
- Coordinate pen testing with Information Security, review pen test reports, and identify solutions to close vulnerabilities with dev teams.