Lead Software Security Engineer

Ideas | People | Trust

We’re BDO. An accountancy and business advisory firm, providing the advice and solutions entrepreneurial organisations need to navigate today’s changing world.

We work with the companies that are Britain’s economic engine – ambitious, entrepreneurially-spirited and high growth businesses that fuel the economy - and directly advise the owners and management teams that lead them.

We’ll broaden your horizons

To ensure our services and applications are fit for the modern market, our IT team collaborates with every department. They develop, they explore and they implement the new ideas helping us to change the future of accounting, tax and business consulting. But, just as importantly, they maintain the tech that keeps us advancing. By testing and adopting the future of financial technical solutions, they find new and exciting ways to drive us forward. And you could too. In an IT role at BDO, you’ll become part of a team that act as the backbone for our business. No matter who you are or what your skillset is, we’ll give you the training and support you need to achieve whatever you put your mind to.

We’ll help you succeed

Leading organisations trust us because of the quality of our advice. That quality grows from a thorough understanding of their business, and that understanding comes from working closely with them and building long-lasting relationships.

You’ll be someone who is both comfortable working proactively and managing your own tasks, as well as confident collaborating with others and communicating regularly with senior managers, directors, and BDO’s partners to help businesses effectively. You’ll be encouraged to identify and draw attention to opportunities for enhancing our delivery and providing additional services to organisations we work with.

We are seeking a highly motivated and experienced Lead Software Security Engineer to join our team. You will have a strong background in software development, security, and operations. This role is required to support the Digital Product Management team in embedding security requirements and best practices into new Digital Products and Services. You will work closely with the Digital Product Management and IT Security teams to establish and build the right security controls and quality state gates across the product lifecycle. This includes security tooling to manage these controls.

In this busy and rewarding role, you’ll also:

Collaborate with software development teams to integrate security into the development lifecycle

Own the cultural shift to a Security DevSecOps mindset

Manage & implement security controls, tools, and processes to secure applications and infrastructure

Monitor and respond to security incidents and threats in a timely manner

Stay up-to-date with security trends and best practices to continuously improve security posture

Automate security testing and deployment processes to ensure rapid and secure delivery of software

Develop and maintain security documentation and training materials

Develop and implement the product security strategy in alignment with organisational goals

Integrate Application Security Tools within existing Development Processes

Assist with the Planning & Execution of Application Penetration Tests

Serve as a Subject Matter Expert (SME) in the field of Application Security

Define security NFR's and ensure these are met

Report on compliance with security standards

You’ll be someone with:

Strong experience in software development and security

Proficient in scripting languages such as Powershell, YAML, JASON, etc.

Collaborate with development teams to integrate security best practices into the secure software development lifecycle (SDLC) and ensure products are built securely

Oversee vulnerability management and remediation efforts, including leading responses to pen test findings and security assessments

Experience conducting risk assessments and threat modelling for software development and advise where necessary

Experience in software security design review

Strong knowledge of Agile, DevSecOps, System Engineer and or equivalent

Knowledge of security standards and secure development principles such as NCSC Secure Development & Deployment Guidance, OWASP, NIST Secure Software Development Framework (SSDF - (Apply online only)), Microsoft Azure Secure Development best practices, ISO27001

Experience with Azure cloud infrastructure, particularly Azure PaaS service

Experience with Azure DevOps, particularly CI/CD and backlog management

Prepare and present regular security reports to senior management, ensuring compliance with security standards and regulations

Expertise with security tools and familiarity with DevSecOps processes

Bachelor's or Master's degree in Computer Science, Cybersecurity, or related field (preferable)

You’ll be able to be yourself; we’ll recognise and value you for who you are and celebrate and reward your contributions to the business. We’re committed to agile working, and we offer every colleague the opportunity to work in ways that suit you, your teams, and the task at hand.

At BDO, we’ll help you achieve your personal goals and career ambitions, and we have programmes, resources, and frameworks that provide clarity and structure around career development.

We’re in it together

Mutual support and respect is one of BDO’s core values and we’re proud of our distinctive, people-centred culture. From informal success conversations to formal mentoring and coaching, we’ll support you at every stage in your career, whatever your personal and professional needs.

Our agile working framework helps us stay connected, bringing teams together where and when it counts so they can share ideas and help one another. At BDO, you’ll always have access to the people and resources you need to do your best work.

We know that collaboration is the key to creating value for the companies we work with and satisfying experiences for our colleagues, so we’ve invested in state-of-the-art collaboration spaces in our offices. BDO’s people represent a wealth of knowledge and expertise, and we’ll encourage you to build your network, work alongside others, and share your skills and experiences. With a range of multidisciplinary events and dedicated resources, you’ll never stop learning at BDO.

We’re looking forward to the future

At BDO, we help entrepreneurial businesses to succeed, fuelling the UK economy. Our success is powered by our people, which is why we’re always finding new ways to invest in you. Across the UK thousands of unique minds continue to come together to help companies we work with to achieve their ambitions

We’ve got a clear purpose, and we’re confident in our future, because we’re adapting and evolving to build on our strengths, ensuring we continue to find the right combination of global reach, integrity and expertise. We shape the future together with openness and clarity, because we believe in empowering people to think creatively about how we can do things better.

#TJ-JB1

#LI-JB1