Cyber Security Project Manager – 6 months – London Client is a Global Media company. The company is based in London and across 12 countries . The Cyber security team provides the services that underpin the clients security resilience and the organisations security profile. The Cyber security team provides the services for Information security and Cyber Risk management. Security and cyber Risk, Security Architecture application security, and Security engineering. The role sits within the Cyber security programme and will provide services to the manager of security architecture and engineering. They cyber security programme team operates alongside central Cyber security team delivering projects in Cyber security. The Cyber programme is looking for hands on application security Engineer with good expertise in application security and development. The roles will need several years hands on expertise in SDLC. They are transferring from a Devops model to a DEvsecOPs model. It will require to identify security gaps in their current DEVops processed and cloud enviroments. You will be technically responsible for implementing and integrating the required tooling such as IAC and SAST, SCA. To create a devsecops model. Providing expertise in automation of processes that enables security to be built into the development lifecycle whilst embedding application security best practices into product design and development.
Required Skills Identifying and defining and implementing requirements for application security projects. Evaluating RFI/RFPs Scoping developments and publication policies and guidelines. SSDLC models and frameworks procedures and guidelines. SSDLC models and frameworks with incorporating tooling. Implementing monitoring and alerting solutions across product estates performing. Arranging pen testing via 3 parties. Experience with Dev Secops concepts and tools having the ability to advise on best practice and implement these. Expertise in AWS and understanding of GCP and Azure cloud. Good knowledge of GCP , and Azure cloud. Experience with SAST, SCA, IAC and container scanning security tools