Desired Skills and Experience
- Continuous Application Security analysis and threat modelling of our products and services.
- Establishing a strong partnership with our development and engineering teams ensuring that Security is embedded into development cycles across software and hardware.
- Proactively enhancing and tuning our Application Security approach as new threats emerge.
- Review, analysis and selection of various tools and systems for supporting secure development.
- Scoping, analysis and follow up on Vulnerability Scanning and Penetration testing results.
- Adoption of frameworks and best practices (OWASP, ASVS, MASVS, OpenSAMM).
- Education of teams globally in Application Security threats and secured design and development.
- Produce effective Application Security reporting and metrics.
- Contribute to the delivery of the group Information Security Programme.
- True expertise and technical depth in application security technologies and threats.
- Experience with software and hardware threat vectors, threat modelling, attack surface analysis, penetration testing, and vulnerability assessments.
- Passion for collaboration and partnership with application development within agile and the wider business.
- 7-10 years of experience working with analysis and design of secure solutions in products and services.
- Expertise with tools such as Burp, ZAP, BeEF and Metasploit.
- Expertise in development methodologies and languages.
- Fluency in English.
- Relevant security certification (e.g. GSEC, CISSP, MSc in Information Security).
- Fluency in European languages.
- Familiar with current home security / smart home technologies, future developments and understand the business models behind them.
- Internet of Things Experience.
- First to use GSM technology to connect alarm with security call center
- First to use “two way voice” to enable direct connection between the consumer and security call center
- First to use images as a way to verify and assess security situation when an alarm is triggered
- First to use SigFox’s low power wide area network to provide an alternate communications path when an intruder employs anti-jamming equipment