Background:
Agilio Software Group is the UK’s largest provider of back office,
compliance, and workforce solutions in primary care and dental.
We have ambitious and exciting growth plans and are looking for
talented individuals to be part of our journey.
Job purpose:
The Application Security Pentester is responsible for leading and
enhancing the security posture of our applications.
You will be responsible for:
• Conducting application security assessments and managing external
pen tests, along with any remediations.
• Develop, implement, and maintain Agilio application security policies,
standards, and procedures.
• Represent InfoSec in application development projects promoting
secure design principles.
• Lead the integration of security tools, standards, and processes into
the software development lifecycle (SDLC).
• Provide expert guidance and leadership to development teams on how
to remediate identified security vulnerabilities.
• Document and manage a product vulnerability management program.
• Document and manage a product risk management program.
• Provide periodic security reviews and threat modelling.
• Implement a secure coding framework that incorporates best practices
and provide secure coding education to software developers.
• Define and manage the security within the CI/CD pipeline as part of the
SDLC.
• Manage and configure application security tools and platforms, such as
static and dynamic analysis tools, to automate security testing.
• Define best practice application environment security, using Cloud
Security Posture Management tooling as well as Infrastructure as Code
(IaC) vulnerability scanning.
• Stay abreast of the latest security trends, vulnerabilities, and
countermeasures; adjust security practices accordingly.
• Assist in security incidents and forensic follow-up, as the subject
matter expert for product security.
• Collaborate with other teams to ensure a unified and comprehensive
security strategy.
Other Responsibilities
• Cover CISO/DPO when on leave/sickness.
• Assist in M&A security audits for product.
The skills and experience which we are looking for in our
Application Security Pentester are:
Essential
• Good understanding of the OWASP Top 10
• Ability to present findings to a wide range of individuals
• Cloud security understanding
• Teamwork
Desirable
• ISO 27001 understanding
• Risk Management experience
• Incident Management
• Some SOC understanding, especially Sentinel
Additional Information
This is a full-time role based remotely.
Job type: Full-time, permanent. Some out-of-hours work may be
required from time to time.
Salary: Competitive salary and generous benefits:
• Income Protection
• Life Assurance
• Enhanced pension
• Health Cash plan
• 28 days annual leave + bank holidays
• Sick pay scheme
• A range of flexible benefits available through our Agilio Flex portal
If you feel you have what it takes to join our team, we look forward to
receiving your application!
If you are interested in applying, please email your CV along with a
covering letter to [email protected]