Desired Skills and Experience

  • Continuous Application Security analysis and threat modelling of our products and services.
  • Establishing a strong partnership with our development and engineering teams ensuring that Security is embedded into development cycles across software and hardware.
  • Proactively enhancing and tuning our Application Security approach as new threats emerge.
  • Review, analysis and selection of various tools and systems for supporting secure development.
  • Scoping, analysis and follow up on Vulnerability Scanning and Penetration testing results.
  • Adoption of frameworks and best practices (OWASP, ASVS, MASVS, OpenSAMM).
  • Education of teams globally in Application Security threats and secured design and development.
  • Produce effective Application Security reporting and metrics.
  • Contribute to the delivery of the group Information Security Programme.
  • True expertise and technical depth in application security technologies and threats.
  • Experience with software and hardware threat vectors, threat modelling, attack surface analysis, penetration testing, and vulnerability assessments.
  • Passion for collaboration and partnership with application development within agile and the wider business.
  • 7-10 years of experience working with analysis and design of secure solutions in products and services.
  • Expertise with tools such as Burp, ZAP, BeEF and Metasploit.
  • Expertise in development methodologies and languages.
  • Fluency in English.
  • Relevant security certification (e.g. GSEC, CISSP, MSc in Information Security).
  • Fluency in European languages.
  • Familiar with current home security / smart home technologies, future developments and understand the business models behind them.
  • Internet of Things Experience.
  • First to use GSM technology to connect alarm with security call center
  • First to use “two way voice” to enable direct connection between the consumer and security call center
  • First to use images as a way to verify and assess security situation when an alarm is triggered
  • First to use SigFox’s low power wide area network to provide an alternate communications path when an intruder employs anti-jamming equipment