Who we are looking for
A Senior Information Security Specialist to focus on the technical side of IT Security, specifically looking at application security and code analysis to ensure applications are built securely.
The Information Security team deal with the security of closed sourced, open source and in house written applications. The objective is to ensure that systems and services are built with privacy and security by design.
You will work closely with the Software Development team to confirm that application based vulnerabilities are understood and mitigated. This is done from a security assessment point of view rather than code QA, therefore code reading skills are desirable.
The team comprises of graduates to time served engineers with backgrounds as sys-admin, networks, service operation as well as security. We use first-class, enterprise-level tools to identify threats to the systems as well as in house developed scripts and internet research.
This role is eligible for inclusion in the Company’s hybrid working from home policy.
Preferred skills and experience
- Broad understanding of technology functions.
- Use of planned, structured methodologies for conducting and reporting on Web Application Penetration Testing.
- Excellent understanding of and demonstrable experience with automated, dynamic and static application security testing tools, as well as manual security testing to find vulnerabilities and logical issues.
- Offensive Security Certified Professional (OSCP) certification or similar.
- Examination of packets using Wireshark and other related tools.
- Understanding of industry standard information security practices.
- Strong communication skills.
- High attention to detail.
- Excellent documentation skills.
- Ability to work to deadlines.
Main Responsibilities
- Providing support to the team leader and technical lead and act as deputy where required.
- Taking a lead role in the project process to ensure that information security aspects are considered up front and throughout the project lifecycle.
- Conducting manual and automated source code review.
- Contributing to and utilising our security testing methodologies, creating and updating technical documentation as necessary.
- Completing security vulnerability analysis or assessment and taking an active role in external audits as necessary.
- Developing an understanding of the Business and supporting junior members of the team.
- Liaising with software development to ensure that security is considered throughout the lifecycle.
- Identifying any security flaws within our software and manage through appropriately, liaising with external bodies where necessary.
- Identifying and developing new tools that could be beneficial in the security testing process.
- Staying up to date with new and emerging threats.
“By applying to us you are agreeing to share your Personal Data in accordance with our Recruitment Privacy Policy - http://www.bet365careers.com/privacypolicy.pdf"