Senior Cybersecurity Specialist

Department:

Compliance

Employment Type:

Full time

Location:

Remote, UK

About now, you’d expect us to tell you what Amplience does.
 
Well, we don’t do the expected.
 
Instead, we want to tell you what we believe in: Freedom.
 
Because Freedom is everything that Amplience stands for. It’s in the way we work, the way we think, the way we empower our customers.
 
And if you choose to join us (we’d be honored) you’ll have the Freedom to work however and wherever you want.  
 
Oh, and in case you were wondering, Amplience is a commerce experience platform that takes the heavy lifting out of digital content, giving you the Freedom to create digital experiences without limits.
 
We already work with over 400 leading retails brands and counting, including the likes of Crate & Barrel, Traeger Grills, Ulta Beauty, Coach, Otto Group, GAP, Curry’s, Argos and The Very Group.
 
We’ve got over 200 employees across the world, with $180 million of investment behind us and huge, exciting growth plans ahead. And we’d love you to come along for the ride.
 
Are you in?

Key Responsibilities

Web Application Security is at the heart of the protecting organisations from malicious attackers, who may be politically, economically, or socially motivated to gain access to enterprise systems. The motivations for such attacks may be to damage the brand, remove private or confidential information, impact service availability, defraud or change application code or data without detection.
 
Accountable for the delivery of cybersecurity services within the Amplience Application development and engineering environments. Service scope to include:
·       Application Security Architecture
·       Source Code Analysis & Review
·       Dependency Analysis & Review
·       FOSS Licensing limitations and compliance  
  • Establish Robust Application Vulnerability and Alert Management processes
  • Be a key Influencer to security best practice, defining agreed standards implemented, maintained, and supported within the Amplience SDLC
  • Reviewing and making formal recommendations of any products and services aligned to our cybersecurity objectives. Including deployment and maturity strategies as required.
  • Implement and Lead Application Security Initiatives such as Application Security Architecture best practice reviews and recommendations 
  • Receive, Review, Analyse and manage threat intelligent feeds relevant to Amplience requirements. Ensuring escalations are appropriately assessed, measured & prioritised in a timely manner.
  • Act as escalation point for security incidents, ensure all incidents are handles in a timely fashion. Ensure knowledge-sharing, mentoring and training for SecOps team members with regards to the technical capabilities and processes. 
  • Collaborate with other members of the team to develop new protocols, layers of protection, and other bother proactive and defensive systems that stay one step ahead of cyber criminals. 

Skills Knowledge and Expertise

  • Senior stakeholder engagement.
  • Assertive management control
  • Development, consultation, and implementation of fit for purpose policies and processes
  • Proven experience in technical application security roles.
  • Coding experience in at least one main languages (Java, C#, etc.) 
  • Senior stakeholder engagement.
  • Assertive management control
  • Development, consultation, and implementation of fit for purpose policies and processes.
  • Experience in secure application design, testing and deployment. 
  • Business Case Development
  • Documented Requirements & Requirements Gathering
  • Product knowledge
  • Supplier Reviews
  • Leading proof of concept reviews 
  • Applications Security Best Practices
  • Cloud-based security issues impacting application security
  • Be familiar with application security standards and frameworks. 
  • Threat intelligence approach principles
  • Threat intelligent best practice
  • Threat intelligence best in class source knowledge and management 
  • Ability to use logic and reasoning to identify the strengths and weaknesses of IT systems
  • A forensic approach to challenges
  • A deep understanding of how hackers work and ability to keep up with the fast pace of change in the criminal cyber-underworld
  • Ability to seek out vulnerabilities in Web Application and IT infrastructures
  • A deep understanding of OWASP top 10, how hackers exploit web application vulnerabilities to gain access to an environment.
  • Understanding of cloud-native application security controls (AWS).
  • Strong engagement and people management skills to ensure buy-in from key stakeholders and C-Level management.
  • Demonstrable experience in building and securing pipelines in cloud-native environments ( AWS) 
  • Experience in implementing technical controls to ensure runtime protection, as well as protection of serverless event-driven environments. 

Benefits

  • Competitive salary
  • Flexible working arrangements
  • Discretionary bonus scheme
  • Company pension scheme
  • Employee share options so that everyone can benefit from our success
  • Enhanced maternity & paternity policies
  • Extra holidays once you've been with us for a while
  • The option to purchase additional holidays
  • Charity / volunteer days
  • Life assurance policy
  • Ride to work scheme
  • Season ticket advance loans

About Amplience

Made for Commerce

Designed for Conversion

Engineered for Performance

Amplience is an API-first, headless CMS and DAM in one: a unified platform for commerce content that does everything you need it to. Organize, find and enrich all your assets from a central library. Optimize and automate your product media, images and videos.

Plan, schedule, produce and deliver customer experiences. Do it all from the same platform.

And do more of it. Better, and faster, than ever.

Our Hiring Process

  • Applied
  • Review Application
  • Recruitment Interview
  • Technical Interview
  • 2nd Technical Interview
  • 3rd Interview
  • Hired

Not quite right?

Register your interest to be notified of any roles that come along that meet your criteria.

Register your interest