DAS Security Lead (SC Cleared)
As the DAS Security Lead, you will play a critical role in strengthening our organisation's security posture, leading security assessments, and ensuring that software applications are resilient to security vulnerabilities. You will leverage your deep knowledge of Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Software Composition Analysis (SCA) to drive improvements in application security and create a culture of security awareness across the development teams.
Rate: £800.00 inside IR35
Location: London - Hybrid working
Duration: 6-12 Months
Key Responsibilities
* Lead the planning, execution, and ongoing management of SAST, DAST, and SCA security tools and processes to identify and mitigate security risks.
* Collaborate with development teams to integrate secure development practices and security testing into the software development lifecycle (SDLC).
* Conduct regular security reviews and assessments on internal and external applications, APIs, and infrastructure.
* Guide teams through the remediation of identified vulnerabilities, and apply best practices to improve security testing and detection mechanisms.
Key Skills
* Proven experience as a DAS Security Lead, Application Security Engineer, or a similar role focused on securing applications and software development processes.
* Strong hands-on experience with SAST, DAST, and SCA tools such as Checkmarx, Fortify, OWASP ZAP, SonarQube, etc.
* Deep understanding of security vulnerabilities (e.g., OWASP Top 10) and how to identify, assess, and mitigate them in the context of web and mobile applications.
* Strong knowledge of application security standards, guidelines, and frameworks (e.g., OWASP, NIST, ISO 27001).
* Experience working in agile development environments, with the ability to balance security needs with speed and flexibility in development cycles.
* Proficiency in multiple programming languages such as Java, C#, JavaScript, Python, etc.
* Experience with threat modeling, security risk assessments, and creating security architecture for applications.
* Strong leadership, communication, and team collaboration skills.
* Relevant security certifications (e.g., CISSP, CISM, GIAC, etc.) are a plus.
Please note that due to the client's time frames, you must hold an active SC Clearance to be considered for this role.