Application Security Specialist
6 Month Contract
Remote working available
Up to £785.00 per day via Umbrella (£598.00 per day PAYE)
Who Are We - GSK?
We are a science-led global healthcare company with a special purpose: to help people do more, feel better, live longer. GlaxoSmithKline plc was formed in 2000 as a result of a merger between Glaxo Wellcome plc and SmithKline Beecham plc , although our history can be traced back more than 300 years to London’s Plough Court Pharmacy in the 1700s.
Our goal is to be one of the world’s most innovative, best performing and trusted healthcare companies. Our strategy is to bring differentiated, high-quality and needed healthcare products to as many people as possible, with our three global businesses, scientific and technical know-how and talented people. Our values and expectations are at the heart of everything we do and form an important part of our culture:
Our values are Patient focus, Transparency, Respect, Integrity
Our expectations are Courage, Accountability, Development, Teamwork
GSK are currently searching for an Application Security specialist to join their team to help and support the delivery of the Application Security Strategy. This includes increasing adoption of SAST, DAST and SCA capabilities by engaging Dev teams across GSK.
· Working closely with diverse product and platform teams throughout GSK to promote the embedding of security into Software engineering processes
· Assist in the development and integration of automated security capabilities and service models throughout the application lifecycle such as Threat Modelling, SAST, DAST, SCA and Container Security
· Owning elements of the Strategy and ensure their successful delivery in aggressive timelines
· Ensuring solutions delivered are successfully transitioned to BAU with a fully developed service support models
· Delivering Secure Software engineering knowledge sharing sessions to engineering teams to promote security awareness throughout GSK
Day – to – Day:
HSK have an App Sec / DevSecOps roadmap for defining the capabilities that they need and the are currently tracking the work in Jira. You will be required to meet with vendors about new capabilities, as well as meeting with some operational teams on building capabilities of tools that they have already acquired. You will be working to better embed tools into GRC processes, KRIs plus working alongside the Dev teams who they are currently trying to engage more to use the tools and provide feedback to help better the process.
Experience / knowledge:
Experience deploying SAST, DAST or SCA tools in a large organisations and embedding them into developer ways of working
Good understanding of the technology
Ability to take ownership of delivery
Ability to ensure that customer experience is at the forefront of decisions
Experience with stakeholder / vendor management
Demonstrated experience and understanding of IT security controls, and related technologies and products
If you are interested, either apply direct! Or please contact me on 0161 924 1380 / Katie.Harrison@jeffersonwells.co.uk