Frontend Developer

The Front-End Security Developer will be responsible for ensuring the secure design and implementation of front-end applications . This includes applying secure coding practices, conducting threat modeling, and ensuring compliance with industry standards. The ideal candidate will have a strong background in front-end development and cybersecurity.

PLEASE NOTE the client will only accept candidates who are authorised to work in the UK, without the requirement for sponsorship or ANY type of visa (e.g. dependant/spousal, post-study etc.).

In addition, this role hybrid based with 4 days in the Scottish office , therefore you should currently be located in Scotland.

PRINCIPLE JOB RESPONSIBILITIES

• Perform security requirements analysis
• Conduct risk analysis and threat modeling
• Ensure secure design principles are applied such as least privilege, defence in depth, and secure defaults
• Ensure secure implementation of requirements and threat mitigations, including:
• Follow secure coding guidelines to prevent common vulnerabilities (e.g., buffer overflows, injection flaws)
• Application of Static Code Analysis to identify security vulnerabilities in code
• Application of Software Composition Analysis to ensure supply chain security
• Unit testing and code reviews
• Defect analysis and remediation
• Ensure compliance with internal processes and applicable standards (e.g., IEC 62443, ISO 27001)
• Support internal and external audits as required
• Drive continuous improvement by staying updated on emerging threats, tools, and best practices
• Occasional travel may be required, such as training or customer support.

REQUIRED QUALIFICATIONS AND EXPERIENCE

• Minimum 5 years of experience in developing desktop applications and/or web applications
• Engineering degree in Software, Computer Science, Cybersecurity or equivalent demonstrated knowledge.
• Strong C++ programming skills and /or web application framework , i.e. Angular
• Understanding of encryption algorithms, key management, and secure protocols (TLS, SSH, etc.).
• Strong understanding of common vulnerabilities (e.g., OWASP Top 10, CWE/SANS Top 25).
• Familiarity with Linux, Windows, and network protocols (TCP/IP, DNS,
• Understanding of industrial protocols (e.g., Serial, Modbus, HART).
• Knowledge of industry standards : IEC 62443, ISO 27001, NIST, OWASP.
• Experience implementing DevSecOps best practices ; Azure DevOps experience is a plus
• Self-directed and motivated in a team orientated environment