Lead Software Security Engineer

at  BDO

IDEAS | PEOPLE | TRUST

We’re BDO. An accountancy and business advisory firm, providing the advice and solutions entrepreneurial organisations need to navigate today’s changing world.
We work with the companies that are Britain’s economic engine – ambitious, entrepreneurially-spirited and high growth businesses that fuel the economy - and directly advise the owners and management teams that lead them.

WE’LL HELP YOU SUCCEED

Leading organisations trust us because of the quality of our advice. That quality grows from a thorough understanding of their business, and that understanding comes from working closely with them and building long-lasting relationships.
You’ll be someone who is both comfortable working proactively and managing your own tasks, as well as confident collaborating with others and communicating regularly with senior managers, directors, and BDO’s partners to help businesses effectively. You’ll be encouraged to identify and draw attention to opportunities for enhancing our delivery and providing additional services to organisations we work with.
We are seeking a highly motivated and experienced Lead Software Security Engineer to join our team. You will have a strong background in software development, security, and operations. This role is required to support the Digital Product Management team in embedding security requirements and best practices into new Digital Products and Services. You will work closely with the Digital Product Management and IT Security teams to establish and build the right security controls and quality state gates across the product lifecycle. This includes security tooling to manage these controls.

In this busy and rewarding role, you’ll also:

• Collaborate with software development teams to integrate security into the development lifecycle
• Own the cultural shift to a Security DevSecOps mindset
• Manage & implement security controls, tools, and processes to secure applications and infrastructure
• Monitor and respond to security incidents and threats in a timely manner
• Stay up-to-date with security trends and best practices to continuously improve security posture
• Automate security testing and deployment processes to ensure rapid and secure delivery of software
• Develop and maintain security documentation and training materials
• Develop and implement the product security strategy in alignment with organisational goals
• Integrate Application Security Tools within existing Development Processes
• Assist with the Planning & Execution of Application Penetration Tests
• Serve as a Subject Matter Expert (SME) in the field of Application Security
• Define security NFR’s and ensure these are met
• Report on compliance with security standards

• Collaborate with software development teams to integrate security into the development lifecycle
• Own the cultural shift to a Security DevSecOps mindset
• Manage & implement security controls, tools, and processes to secure applications and infrastructure
• Monitor and respond to security incidents and threats in a timely manner
• Stay up-to-date with security trends and best practices to continuously improve security posture
• Automate security testing and deployment processes to ensure rapid and secure delivery of software
• Develop and maintain security documentation and training materials
• Develop and implement the product security strategy in alignment with organisational goals
• Integrate Application Security Tools within existing Development Processes
• Assist with the Planning & Execution of Application Penetration Tests
• Serve as a Subject Matter Expert (SME) in the field of Application Security
• Define security NFR’s and ensure these are met
• Report on compliance with security standard