Job Description
About the role
The Digital Security Assurance Engagement Lead is responsible for the enablement of security assurance activities and secure software delivery controls for projects. This is a service provider role, focused on vendor management, understanding business requirements and security assessment work.
Key Responsibilities
- Provide cost estimations to projects and minor works for security assurance activities.
- Facilitate vendor security assessments, including determining scope with project teams, engaging with vendors for SOWs & proposals, coordinating and liaising with security consultants, and sharing results with projects.
- Assist the digital security assurance manager with understanding, managing and optimising ongoing costs associated with security assessment vendors.
- Ensure that vendor security assessments are priced in line with their scope.
- Provide regular reporting on security assurance activities.
Mandatory Experience
- Vendor Management (External and Internal consultants)
- Experience working with security assurance consultancies and consultants (e.g. penetration testers)
- Knowledge of ISM, PCI-DSS or OWASP
Desirable Experience
- Experience working with large and complex projects in consulting, architecture and/or design roles
- Experience working with senior stakeholders, including general managers, heads of IT
- Knowledge of information security best practices across applications and infrastructure
- Strong understanding of software development lifecycle from concept and ideation through to implementation and operation
- Strong understanding of white, grey and black box penetration testing methodologies
- Strong understanding of security vulnerabilities across all landscapes (e.g. application, infrastructure, network, mobile, etc.)
For more information, please contact Ben Neal on 0380807217, and quote the title or #206532.
Looking forward to hearing from you!
