Job Description Ideas | People | Trust We’re BDO. Anaccountancy and business advisory firm, providing the advice andsolutions entrepreneurial organisations need to navigate today’schanging world. We work with the companies that are Britain’seconomic engine – ambitious, entrepreneurially-spirited and highgrowth businesses that fuel the economy - and directly advise theowners and management teams that lead them. We’ll broaden yourhorizons To ensure our services and applications are fit for themodern market, our IT team collaborates with every department. Theydevelop, they explore and they implement the new ideas helping usto change the future of accounting, tax and business consulting.But, just as importantly, they maintain the tech that keeps usadvancing. By testing and adopting the future of financialtechnical solutions, they find new and exciting ways to drive usforward. And you could too. In an IT role at BDO, you’ll becomepart of a team that act as the backbone for our business. No matterwho you are or what your skillset is, we’ll give you the trainingand support you need to achieve whatever you put your mind to.We’ll help you succeed Leading organisations trust us because ofthe quality of our advice. That quality grows from a thoroughunderstanding of their business, and that understanding comes fromworking closely with them and building long-lasting relationships.You’ll be someone who is both comfortable working proactively andmanaging your own tasks, as well as confident collaborating withothers and communicating regularly with senior managers, directors,and BDO’s partners to help businesses effectively. You’ll beencouraged to identify and draw attention to opportunities forenhancing our delivery and providing additional services toorganisations we work with. We are seeking a highly motivated andexperienced Lead Software Security Engineer to join our team. Youwill have a strong background in software development, security,and operations. This role is required to support the DigitalProduct Management team in embedding security requirements and bestpractices into new Digital Products and Services. You will workclosely with the Digital Product Management and IT Security teamsto establish and build the right security controls and qualitystate gates across the product lifecycle. This includes securitytooling to manage these controls. In this busy and rewarding role,you’ll also: Collaborate with software development teams tointegrate security into the development lifecycle Own the culturalshift to a Security DevSecOps mindset Manage & implementsecurity controls, tools, and processes to secure applications andinfrastructure Monitor and respond to security incidents andthreats in a timely manner Stay up-to-date with security trends andbest practices to continuously improve security posture Automatesecurity testing and deployment processes to ensure rapid andsecure delivery of software Develop and maintain securitydocumentation and training materials Develop and implement theproduct security strategy in alignment with organisational goalsIntegrate Application Security Tools within existing DevelopmentProcesses Assist with the Planning & Execution of ApplicationPenetration Tests Serve as a Subject Matter Expert (SME) in thefield of Application Security Define security NFR's and ensurethese are met Report on compliance with security standards You’llbe someone with: Strong experience in software development andsecurity Proficient in scripting languages such as Powershell,YAML, JASON, etc. Collaborate with development teams to integratesecurity best practices into the secure software developmentlifecycle (SDLC) and ensure products are built securely Overseevulnerability management and remediation efforts, including leadingresponses to pen test findings and security assessments Experienceconducting risk assessments and threat modelling for softwaredevelopment and advise where necessary Experience in softwaresecurity design review Strong knowledge of Agile, DevSecOps, SystemEngineer and or equivalent Knowledge of security standards andsecure development principles such as NCSC Secure Development &Deployment Guidance, OWASP, NIST Secure Software DevelopmentFramework (SSDF - 800-218), Microsoft Azure Secure Development bestpractices, ISO27001 Experience with Azure cloud infrastructure,particularly Azure PaaS service Experience with Azure DevOps,particularly CI/CD and backlog management Prepare and presentregular security reports to senior management, ensuring compliancewith security standards and regulations Expertise with securitytools and familiarity with DevSecOps processes Bachelor's orMaster's degree in Computer Science, Cybersecurity, or relatedfield (preferable) You’ll be able to be yourself; we’ll recogniseand value you for who you are and celebrate and reward yourcontributions to the business. We’re committed to agile working,and we offer every colleague the opportunity to work in ways thatsuit you, your teams, and the task at hand. At BDO, we’ll help youachieve your personal goals and career ambitions, and we haveprogrammes, resources, and frameworks that provide clarity andstructure around career development. We’re in it together Mutualsupport and respect is one of BDO’s core values and we’re proud ofour distinctive, people-centred culture. From informal successconversations to formal mentoring and coaching, we’ll support youat every stage in your career, whatever your personal andprofessional needs. Our agile working framework helps us stayconnected, bringing teams together where and when it counts so theycan share ideas and help one another. At BDO, you’ll always haveaccess to the people and resources you need to do your best work.We know that collaboration is the key to creating value for thecompanies we work with and satisfying experiences for ourcolleagues, so we’ve invested in state-of-the-art collaborationspaces in our offices. BDO’s people represent a wealth of knowledgeand expertise, and we’ll encourage you to build your network, workalongside others, and share your skills and experiences. With arange of multidisciplinary events and dedicated resources, you’llnever stop learning at BDO. We’re looking forward to the future AtBDO, we help entrepreneurial businesses to succeed, fuelling the UKeconomy. Our success is powered by our people, which is why we’realways finding new ways to invest in you. Across the UK thousandsof unique minds continue to come together to help companies we workwith to achieve their ambitions We’ve got a clear purpose, andwe’re confident in our future, because we’re adapting and evolvingto build on our strengths, ensuring we continue to find the rightcombination of global reach, integrity and expertise. We shape thefuture together with openness and clarity, because we believe inempowering people to think creatively about how we can do thingsbetter. TJ-JB1 LI-JB1
