Location
London
Department
Business Systems (IT)
About The Role
Reporting to the Cyber Security & Resilience Manager, and under the direction of the Cyber Security Technical Principal, this position provides cyber security capabilities to digital product teams on behalf of the Cyber Security Team.

The role is responsible for enabling product teams to deliver securely, via the setting of security-related requirements, security testing of services/components, and supporting the security champions across the teams.

Signification focus will be on building strong relationships with stakeholders and influencing positive security outcomes while maintaining the speed of product delivery.

The role will also be key to further developing our software security maturity, both in the product teams and across Motability Operations, from governance through to operational excellence.
Responsibilities:
 
Secure Design
  • Provide well thought out security input on solution design, ensuring key security principles and best practice are reflected in design at both the software and platform level.
  • Leverage existing industry patterns (e.g. NCSC) to support input and influence stakeholders.
  • Support architects in incorporating security input and provide subject matter guidance in technical governance forums.
Security Requirements
  • Provide timely input on all development stories and tasks, utilising already established security requirements for the programme.
  • Continue to develop security requirements as required, ensuring they remain relevant and accessible to teams.
  • Help teams interpret security requirements where required, including leveraging existing material such as OWASP cheat sheets.
  • Conducting threat modelling to understand threats and draw out further requirements and controls.
Security Testing
  • Conduct both targeted, story based, and broad security testing of components and services throughout the development lifecycle.
  • Utilise tooling such as Burp and OWASP ZAP to conduct testing.
  • Scope and co-ordinate external penetration testing and offer guidance on/manage remediation actions in liaison with technical principles and programme leadership.
  • Based on testing, produce documentation to offer assurances to the programme and wider business on risk.
Security Advice and Guidance
  • Offer timely advice and guidance to a range of stakeholders on security matters, both verbally and written.
  • Represent Cyber Security at applicable forums and working groups.
  • Utilise the threat landscape and business context to provide relevant and pragmatic input.
Security Operations
  • Respond to security incidents within the programme and more widely, as directed. 
About You
This role is perfect for someone passionate about the technical aspects of cyber security, protecting customer data and ensuring cyber resiliency.

The ideal candidate will have a background in hands-on secure software development or application security testing, or demonstrable experience of working with development teams on security-related topics. You will also be a strong communicator, able to influence teams and programme stakeholders at various levels. The candidate will also have a strong desire to shift secure development practices and tooling left, giving teams access to early feedback on their work.

Knowledge of modern development practices and tools, and agile methodology, is vital. The candidate will be familiar with Java, Spring Boot, as well as React and Node. Hands-on experience of platforms such as Kubernetes and AWS is also important.

Experience of the OWASP top ten, OWASP application security verification standard and threat modelling are critical, as well as a good knowledge of utilising security tooling.

Minimum Criteria
  • Experience in a hands-on Cyber Security focused role, primarily in the application security domain
  • Degree in Information Security, Computer Science or equivalent, or industry certifications, such as CISSP/SSCP, SANS or CREST/CHECK is advantageous.
About The Company
Motability Operations is a unique organisation, virtually one of a kind. We combine a strong sense of purpose with a real commercial edge to ensure we provide the best possible worry-free mobility solutions to over 630,000 customers and their families across the UK. Customers exchange their higher rate mobility allowance to lease a range of affordable vehicles (cars, wheelchair accessible vehicles, scooters, and powered wheelchairs) with insurance, maintenance and breakdown assistance included. We are the largest car fleet operator in the UK (purchasing around 10% of all the new cars sold in the UK) and work with a network of around 5,000 car dealers and all the major manufacturers. We pride ourselves on delivering outstanding customer service, achieving an independently verified customer satisfaction rating of 9.8 out of 10.

Our values are at the heart of everything we do, and our people demonstrate these values:
  • Empowerment
  • Empathy
  • Inclusion
  • Forward thinking
  • Excellence
As a Motability Operations team member, the benefits you can expect are:
  • Competitive salary and discretionary annual bonus
  • 15% non-contributory pension (9% non-contributory during probation period)
  • Private healthcare
  • 28 days holiday in addition to bank holidays
  • Life assurance
  • Voluntary benefits such as dental insurance and gym membership
  • Cycle to work scheme
  • A flexible working arrangement between home and the office 
At Motability Operations, we believe in building a diverse workforce, where our people are empowered to attend work as their true selves, and we encourage people from all backgrounds to apply.  We want to sustain a culture that nurtures, where employees are free to flourish and where they’re rewarded equally, regardless of race, nationality or ethnic origin, sexual orientation, age, disability, or gender. 

We pride ourselves on being an inclusive employer and as such, all our offices provide first rate disability access. With our hybrid working environment, we do our best to accommodate part-time and flexible working requests where possible, building on our culture of trust, empowerment, and flexibility.

Other jobs like this

    Location
    London
    Department
    Business Systems (IT)
    Location
    London
    Department
    Business Systems (IT)
    Location
    London
    Department
    Business Systems (IT)