Work within teams to establish their security practices, supporting the design and testing of the service being delivered for both application and infrastructure. You will be viewed as an authority figure for security and will bring strong technical leadership, including mentoring and coaching Kainos people to strengthen our security capability across the organisation.
- Hands-on security testing of application and infrastructure security.
- Working across a team(s) to lead on secure design of application and infrastructure
- Champion of security practices across the team, implementing security processes to support secure development.
- Implement automated security testing as part of a deployment pipeline.
- Taking responsibility for security issues identified during testing and working with the team to remediate.
- Establish and champion pragmatic security practices to be followed when a service moves into live operation.
- Lead technical aspects of forensic investigations into security incidents.
- Coaching and mentoring technical staff to develop their security understanding and skills.
- Works with teams on providing estimates for deliverables.
Required experience and skills:
- Demonstrable experience of testing the security of software and infrastructure using tools such as Burp Suite, Nessus, OpenVAS etc.
- Experience of implementing secure design across software and infrastructure areas.
- Experience of being able to review and assess software and infrastructure source code from a security standpoint.
- Experience of securing Linux / Windows Operating Systems.
- Strong scripting skills to support security testing.
- Has advised architects, developers and webops (infrastructure) people on security practices.
- Has coached and mentored junior and experienced technical staff.
- Able to make effective decisions within fast-moving Agile delivery.
- Ability to work effectively within high-pressure live service environments.
- Able to simply and clearly communicate security design in conversation, documentation and presentations, tailoring their conversation to suit the appropriate audience.
- Able to work well in a collaborative team consisting of multi-disciplined people.
- Has an open attitude to sharing information.
- Experience of working with development and operational teams.
- Experience of working in an Agile environment.
- Experience of cloud providers such as AWS / Azure.
- Experience of automated security testing.
- Experience of managing security working in a Continuous Delivery environment.
- Experience of configuration management tools such as Puppet or Ansible.
- Penetration testing qualifications e.g. GIAC, CREST or equivalent
- Contributed as a security researcher/bug bounty hunter.
Kainos is a professional services organisation with clients spread across the globe and we deliver projects both from client site, and from our offices. While we will attempt to base you on projects near or at your contracted office location, you need to be willing to travel to client sites and spend time away during the week if it is required.
Given the range and nature of work that we carry out for our clients, all Kainos employees are required to possess up-to-date security clearance (Basic Disclosure, Access NI etc.). If you do not already possess this, you will be asked to apply for it prior to joining Kainos. Details on how to apply for this will be included in your offer letter.