What you will be doing:
Work closely with developers and project teams to ensure that all applications developed are free from security vulnerabilities
Complete risk assessments and security code reviews
Carry out security threat modelling in the design phase of projects
Ensure the internal security code review process is followed for all software releases and is an integral part of the SDLC
Ensure all major releases are subject to security testing, including external testing where appropriate
Ensure ongoing integrity and effectiveness of security measures including reviews of internal application security policies, procedures and controls
Training & audits
Develop and present application security awareness training
Perform periodic internal application security and compliance audits and prepare reports on findings and recommendations
Contribute to the promotion of the company through Twitter, blog posts and industry talks
Any other responsibilities as required from time to time
What qualities you will bring:
Technical Expertise
Previous experience in a similar role
Have a development background in a software development company
Experience performing code reviews, security testing and threat modelling
Ability to contribute to design and architectural decisions, providing expert input from a security point of view
Communications & Relationship Management
Ability to develop effective value-adding relationships with delivery teams
Excellent communication skills - strong writing skills for blogs, Twitter etc. and oral communication skills in presentations and industry events
Planning & Delivery
Strong planning skills throughout the development process
Security Mindset
Has a security mindset and demonstrates that security is an innate part of everyday work
Quality Orientation
Quality focused and shows a commitment to not compromising on quality
It helps if you also are/have:
Technical Expertise
Ability to develop new security testing tools or extend existing security testing tools
Previous experience in the payments industry
The following qualifications are a distinct advantage: CSSLP / GSSP / OSCP / CISA / GIAC
Knowledge of secure mobile development is beneficial