Leading TfL Engineering Cyber Security team overseeing cybersecurity activities and providing guidance on technical matters. Engaging with stakeholders to enhance cyber security capabilities and reduce risks.
Responsibilities
- Work closely with the engineering team on all security initiatives, ensuring that products are built securely by default and that audits and remediation efforts are managed to ensure smooth and timely resolution
- Be flexible, resourceful in problem-solving, and willing to take on new challenges as the business evolves
- Conduct comprehensive risk assessments and vulnerability analyses to identify potential threats and security gaps in existing and new systems/architectures
- Implement and manage static and dynamic code analysis tools in the CI/CD pipelines
- Perform security reviews of the source code and advise developers on the remediation
- Conduct system vulnerability scanning to identify infrastructure vulnerabilities in networks, systems, middleware and databases
- Conduct vulnerability risk assessments to evaluate the likelihood and potential impacts of each identified vulnerability.
- Manage the remediation lifecycle with a risk-based approach to ensure that all vulnerabilities are remediated in accordance with accepted industry standards.
- Manage the end-to-end process of handling externally reported vulnerabilities or bug bounty reports
Requirements
- Total experience of 5-7 years in the area of cybersecurity
- At least 3 years of experience in the area of vulnerability management
- At least 3 years of experience in the area of software development and scripting (Java, Node.js, Python)
- Solid foundations in networking, operating systems, and applications
- Serve as a self-starter, diligently tracking progress and communicating status updates without prompting
- Ability to ask the right questions to understand the parameters of any project they're working on or want to undertake
- Ability to communicate effectively with both technical and non-technical stakeholders
- Ability to work independently, take ownership of tasks, and drive them to completion
- Ability to acquire new skills and knowledge independently
Benefits
- Wellness Boost: Stay healthy with resources for physical and mental well-being with our flexible benefits and Employee Well-being Program - because you matter!
- Customized Benefits: Tailor your benefits with our flexible plan.
- Growth Opportunities: Unlock your potential through clear progression paths.
- Skill Development: Access training resources to fuel your personal and professional growth.
- Volunteer Time Off: Enjoy paid time off to make a difference in the world through volunteering.
- Family Support: Take advantage of paid Family Care Leave to bond with your family, while our selected Flexible Benefits also cater to your family's needs.
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
No Education Requirement
Tech skills
Location requirements
Information Security Expert responsible for managing IT - Security tasks in a major German energy company. Involved in ISMS processes and asset evaluation in a collaborative environment.
Sales Executive at Johnson Controls connecting businesses with security solutions and managing customer relationships. Expanding accounts and driving results in commercial security technologies.
Business Information Security Officer leading Cyber Security Risk & Control maturity at Coles. Collaborating closely with Customer & Digital team to enhance security frameworks and controls.
Enterprise Security Architect responsible for security architecture in Novartis' Digital Workspace. Collaborating with teams to ensure implementations meet security policies and industry standards.
Lead Product Security at Bupa, driving cybersecurity in digital products and cloud platforms. Oversee security frameworks, manage teams, and ensure compliance with industry standards.
IT Audit Senior managing client expectations and delivering detailed audit analyses and findings. Collaborating with management on IT audit engagements in a leading advisory firm.
Enterprise Security Architect specializing in Digital Workspace security at Novartis. Responsible for ensuring security standards and practices across IT functions and collaborating with various teams.
Cyber Security Engineer responsible for administering security tools and projects. Collaborating with stakeholders to ensure the overall Cyber Security of the firm.
Facility Security Officer responsible for developing and administering security programs for classified materials. Overseeing compliance with federal security regulations at the Rochester, NY site.