secure coding, design reviews, and architecture assessments. Lead the implementation of DevSecOps practices, integrating security into CI/CD pipelines. Identify and remediate application vulnerabilities through static/dynamic analysis, manual code review, and security testing. Collaborate with engineering and platform teams to secure APIs, microservices, and containerized workloads. Evaluate and implement security tools for code analysis and … experience in application security architecture. Deep knowledge of OWASP Top 10, SANS CWE Top 25, and secure coding best practices. Familiarity with threat modeling methodologies like STRIDE and architectural risk analysis. Hands-on experience with tools such as SAST/DAST/IAST, Snyk, SonarQube, Burp Suite, Veracode, or similar. Strong understanding of cloud platforms and modern development architectures. More ❯
coding, design reviews, and architecture assessments. Lead the implementation of DevSecOps practices, integrating security into CI/CD pipelines. Identify and remediate application-level vulnerabilities through static/dynamic analysis, manual code review, and security testing. Collaborate with engineering and platform teams to secure APIs, microservices, and containerized workloads. Evaluate and implement security tools for secure code analysis … in application security architecture. Deep knowledge of OWASP Top 10, SANS CWE Top 25, and secure coding best practices. Familiarity with threat modelling methodologies such as STRIDE and architectural risk analysis. Hands-on experience with tools such as SAST/DAST/IAST, Snyk, SonarQube, Burp Suite, Veracode, or similar. Strong understanding of cloud platforms) and modern development architectures More ❯
coding, design reviews, and architecture assessments. Lead the implementation of DevSecOps practices, integrating security into CI/CD pipelines. Identify and remediate application-level vulnerabilities through static/dynamic analysis, manual code review, and security testing. Collaborate with engineering and platform teams to secure APIs, microservices, and containerized workloads. Evaluate and implement security tools for secure code analysis … in application security architecture. Deep knowledge of OWASP Top 10, SANS CWE Top 25, and secure coding best practices. Familiarity with threat modelling methodologies such as STRIDE and architectural risk analysis. Hands-on experience with tools such as SAST/DAST/IAST, Snyk, SonarQube, Burp Suite, Veracode, or similar. Strong understanding of cloud platforms) and modern development architectures More ❯
coding, design reviews, and architecture assessments. Lead the implementation of DevSecOps practices, integrating security into CI/CD pipelines. Identify and remediate application-level vulnerabilities through static/dynamic analysis, manual code review, and security testing. Collaborate with engineering and platform teams to secure APIs, microservices, and containerized workloads. Evaluate and implement security tools for secure code analysis … in application security architecture. Deep knowledge of OWASP Top 10, SANS CWE Top 25, and secure coding best practices. Familiarity with threat modelling methodologies such as STRIDE and architectural risk analysis. Hands-on experience with tools such as SAST/DAST/IAST, Snyk, SonarQube, Burp Suite, Veracode, or similar. Strong understanding of cloud platforms) and modern development architectures More ❯
coding, design reviews, and architecture assessments. Lead the implementation of DevSecOps practices, integrating security into CI/CD pipelines. Identify and remediate application-level vulnerabilities through static/dynamic analysis, manual code review, and security testing. Collaborate with engineering and platform teams to secure APIs, microservices, and containerized workloads. Evaluate and implement security tools for secure code analysis … in application security architecture. Deep knowledge of OWASP Top 10, SANS CWE Top 25, and secure coding best practices. Familiarity with threat modelling methodologies such as STRIDE and architectural risk analysis. Hands-on experience with tools such as SAST/DAST/IAST, Snyk, SonarQube, Burp Suite, Veracode, or similar. Strong understanding of cloud platforms and modern development architectures. More ❯
coding, design reviews, and architecture assessments. Lead the implementation of DevSecOps practices, integrating security into CI/CD pipelines. Identify and remediate application-level vulnerabilities through static/dynamic analysis, manual code review, and security testing. Collaborate with engineering and platform teams to secure APIs, microservices, and containerized workloads. Evaluate and implement security tools for secure code analysis … in application security architecture. Deep knowledge of OWASP Top 10, SANS CWE Top 25, and secure coding best practices. Familiarity with threat modelling methodologies such as STRIDE and architectural risk analysis. Hands-on experience with tools such as SAST/DAST/IAST, Snyk, SonarQube, Burp Suite, Veracode, or similar. Strong understanding of cloud platforms) and modern development architectures More ❯
coding, design reviews, and architecture assessments. Lead the implementation of DevSecOps practices, integrating security into CI/CD pipelines. Identify and remediate application-level vulnerabilities through static/dynamic analysis, manual code review, and security testing. Collaborate with engineering and platform teams to secure APIs, microservices, and containerized workloads. Evaluate and implement security tools for secure code analysis … in application security architecture. Deep knowledge of OWASP Top 10, SANS CWE Top 25, and secure coding best practices. Familiarity with threat modelling methodologies such as STRIDE and architectural risk analysis. Hands-on experience with tools such as SAST/DAST/IAST, Snyk, SonarQube, Burp Suite, Veracode, or similar. Strong understanding of cloud platforms) and modern development architectures More ❯
coding, design reviews, and architecture assessments. Lead the implementation of DevSecOps practices, integrating security into CI/CD pipelines. Identify and remediate application-level vulnerabilities through static/dynamic analysis, manual code review, and security testing. Collaborate with engineering and platform teams to secure APIs, microservices, and containerized workloads. Evaluate and implement security tools for secure code analysis … in application security architecture. Deep knowledge of OWASP Top 10, SANS CWE Top 25, and secure coding best practices. Familiarity with threat modelling methodologies such as STRIDE and architectural risk analysis. Hands-on experience with tools such as SAST/DAST/IAST, Snyk, SonarQube, Burp Suite, Veracode, or similar. Strong understanding of cloud platforms) and modern development architectures More ❯
coding, design reviews, and architecture assessments. Lead the implementation of DevSecOps practices, integrating security into CI/CD pipelines. Identify and remediate application-level vulnerabilities through static/dynamic analysis, manual code review, and security testing. Collaborate with engineering and platform teams to secure APIs, microservices, and containerized workloads. Evaluate and implement security tools for secure code analysis … in application security architecture. Deep knowledge of OWASP Top 10, SANS CWE Top 25, and secure coding best practices. Familiarity with threat modelling methodologies such as STRIDE and architectural risk analysis. Hands-on experience with tools such as SAST/DAST/IAST, Snyk, SonarQube, Burp Suite, Veracode, or similar. Strong understanding of cloud platforms) and modern development architectures More ❯
coding, design reviews, and architecture assessments. Lead the implementation of DevSecOps practices, integrating security into CI/CD pipelines. Identify and remediate application-level vulnerabilities through static/dynamic analysis, manual code review, and security testing. Collaborate with engineering and platform teams to secure APIs, microservices, and containerized workloads. Evaluate and implement security tools for secure code analysis … in application security architecture. Deep knowledge of OWASP Top 10, SANS CWE Top 25, and secure coding best practices. Familiarity with threat modelling methodologies such as STRIDE and architectural risk analysis. Hands-on experience with tools such as SAST/DAST/IAST, Snyk, SonarQube, Burp Suite, Veracode, or similar. Strong understanding of cloud platforms) and modern development architectures More ❯
coding, design reviews, and architecture assessments. Lead the implementation of DevSecOps practices, integrating security into CI/CD pipelines. Identify and remediate application-level vulnerabilities through static/dynamic analysis, manual code review, and security testing. Collaborate with engineering and platform teams to secure APIs, microservices, and containerized workloads. Evaluate and implement security tools for secure code analysis … in application security architecture. Deep knowledge of OWASP Top 10, SANS CWE Top 25, and secure coding best practices. Familiarity with threat modelling methodologies such as STRIDE and architectural risk analysis. Hands-on experience with tools such as SAST/DAST/IAST, Snyk, SonarQube, Burp Suite, Veracode, or similar. Strong understanding of cloud platforms) and modern development architectures More ❯
coding, design reviews, and architecture assessments. Lead the implementation of DevSecOps practices, integrating security into CI/CD pipelines. Identify and remediate application-level vulnerabilities through static/dynamic analysis, manual code review, and security testing. Collaborate with engineering and platform teams to secure APIs, microservices, and containerized workloads. Evaluate and implement security tools for secure code analysis … in application security architecture. Deep knowledge of OWASP Top 10, SANS CWE Top 25, and secure coding best practices. Familiarity with threat modelling methodologies such as STRIDE and architectural risk analysis. Hands-on experience with tools such as SAST/DAST/IAST, Snyk, SonarQube, Burp Suite, Veracode, or similar. Strong understanding of cloud platforms) and modern development architectures More ❯
coding, design reviews, and architecture assessments. Lead the implementation of DevSecOps practices, integrating security into CI/CD pipelines. Identify and remediate application-level vulnerabilities through static/dynamic analysis, manual code review, and security testing. Collaborate with engineering and platform teams to secure APIs, microservices, and containerized workloads. Evaluate and implement security tools for secure code analysis … in application security architecture. Deep knowledge of OWASP Top 10, SANS CWE Top 25, and secure coding best practices. Familiarity with threat modelling methodologies such as STRIDE and architectural risk analysis. Hands-on experience with tools such as SAST/DAST/IAST, Snyk, SonarQube, Burp Suite, Veracode, or similar. Strong understanding of cloud platforms) and modern development architectures More ❯
coding, design reviews, and architecture assessments. Lead the implementation of DevSecOps practices, integrating security into CI/CD pipelines. Identify and remediate application-level vulnerabilities through static/dynamic analysis, manual code review, and security testing. Collaborate with engineering and platform teams to secure APIs, microservices, and containerized workloads. Evaluate and implement security tools for secure code analysis … in application security architecture. Deep knowledge of OWASP Top 10, SANS CWE Top 25, and secure coding best practices. Familiarity with threat modelling methodologies such as STRIDE and architectural risk analysis. Hands-on experience with tools such as SAST/DAST/IAST, Snyk, SonarQube, Burp Suite, Veracode, or similar. Strong understanding of cloud platforms) and modern development architectures More ❯
coding, design reviews, and architecture assessments. Lead the implementation of DevSecOps practices, integrating security into CI/CD pipelines. Identify and remediate application-level vulnerabilities through static/dynamic analysis, manual code review, and security testing. Collaborate with engineering and platform teams to secure APIs, microservices, and containerized workloads. Evaluate and implement security tools for secure code analysis … in application security architecture. Deep knowledge of OWASP Top 10, SANS CWE Top 25, and secure coding best practices. Familiarity with threat modelling methodologies such as STRIDE and architectural risk analysis. Hands-on experience with tools such as SAST/DAST/IAST, Snyk, SonarQube, Burp Suite, Veracode, or similar. Strong understanding of cloud platforms) and modern development architectures More ❯
the role is to support the activities of the Information Security Department and to become an SME on the following areas of the department: ISO27001, GDPR, PCI/DSS, riskanalysis, and auditing. The analyst will work closely with the Head of Information Security to ensure that the plans and activities of the IS department are completed in … accordance with industry best practices. Key Responsibilities: Perform internal audits of the Information Security Management System. Be actively involved in maintaining/developing the IT Risk register. Support external audits of the Information Security Management System including applying any corrective actions. Support the delivery of Management Review of ISMS and gain agreement from the Board. Work with employees on … similar compliance role. Ability to learn or previous experience of ISO audits including ISO27001. Knowledge of IT Security Products and Services. Developing and maintaining processes and roadmaps for security, risk, and audit programmes. Commercial experience and acumen with the ability to engage C-Level Decision Makers. Negotiation skills to formalize a sales proposition and take it from initial discussion More ❯
new Senior Credit Strategy Analyst to join our high performing credit analytics and strategy team. This team is responsible for driving step-change improvements in credit performance by developing risk models , hypothesis testing , and monitoring portfolio trends . Collaboration is key at Zopa which means you'll work closely with our cross-functional teams including data science, product, and … and point-of-sale finance, which all pose different analytical challenges. - You work with some of the best tech in the industry, such as powerful Python instances for data analysis and machine learning and Redshift for data warehousing. - All our decisioning systems are built in-house, meaning that we have nearly unlimited flexibility in what we can implement. - You … and friendliest people in the industry! A day in the life Optimising credit strategy and decisioning for one of our lending products, either through the deployment of a new risk scorecard understanding the risks involved or designing and implementing a change to credit policy. Using advanced statistical techniques to predict customer behavior or forecast future demand. Shaping and enhancing More ❯
dependencies and assumptions of the technology landscape Transitioning the solution to the Transition team for implementation upon contract signature. Establishing oneself as a leader in cross-technology issues and risk mitigation Establish relationships among key Sales and Solutioning, Technical Factory, Product Management, BPS Operations Capability/Offering, Transition and Delivery teams and other groups (as applicable) Work with Product … with off-shore teams. · Technology Architect related certifications preferred. Professional Skill Requirements: · Self-motivated and ability to work with remote resources and teams · Strong project management skills · Well-developed riskanalysis and mitigation skills · Strong problem solving, analysis, and design skills · Strong analytical skills · Strong communication skills and experienced in communication at executive level · Client facing presentation More ❯
dependencies and assumptions of the technology landscape Transitioning the solution to the Transition team for implementation upon contract signature. Establishing oneself as a leader in cross-technology issues and risk mitigation Establish relationships among key Sales and Solutioning, Technical Factory, Product Management, BPS Operations Capability/Offering, Transition and Delivery teams and other groups (as applicable) Work with Product … with off-shore teams. · Technology Architect related certifications preferred. Professional Skill Requirements: · Self-motivated and ability to work with remote resources and teams · Strong project management skills · Well-developed riskanalysis and mitigation skills · Strong problem solving, analysis, and design skills · Strong analytical skills · Strong communication skills and experienced in communication at executive level · Client facing presentation More ❯
coding, design reviews, and architecture assessments. Lead the implementation of DevSecOps practices, integrating security into CI/CD pipelines. Identify and remediate application-level vulnerabilities through static/dynamic analysis, manual code review, and security testing. Collaborate with engineering and platform teams to secure APIs, microservices, and containerized workloads. Evaluate and implement security tools for secure code analysis … in application security architecture. Deep knowledge of OWASP Top 10, SANS CWE Top 25, and secure coding best practices. Familiarity with threat modelling methodologies such as STRIDE and architectural risk analysis. Hands-on experience with tools such as SAST/DAST/IAST, Snyk, SonarQube, Burp Suite, Veracode, or similar. Strong understanding of cloud platforms) and modern development architectures More ❯
coding, design reviews, and architecture assessments. Lead the implementation of DevSecOps practices, integrating security into CI/CD pipelines. Identify and remediate application-level vulnerabilities through static/dynamic analysis, manual code review, and security testing. Collaborate with engineering and platform teams to secure APIs, microservices, and containerized workloads. Evaluate and implement security tools for secure code analysis … in application security architecture. Deep knowledge of OWASP Top 10, SANS CWE Top 25, and secure coding best practices. Familiarity with threat modelling methodologies such as STRIDE and architectural risk analysis. Hands-on experience with tools such as SAST/DAST/IAST, Snyk, SonarQube, Burp Suite, Veracode, or similar. Strong understanding of cloud platforms) and modern development architectures More ❯
coding, design reviews, and architecture assessments. Lead the implementation of DevSecOps practices, integrating security into CI/CD pipelines. Identify and remediate application-level vulnerabilities through static/dynamic analysis, manual code review, and security testing. Collaborate with engineering and platform teams to secure APIs, microservices, and containerized workloads. Evaluate and implement security tools for secure code analysis … in application security architecture. Deep knowledge of OWASP Top 10, SANS CWE Top 25, and secure coding best practices. Familiarity with threat modelling methodologies such as STRIDE and architectural risk analysis. Hands-on experience with tools such as SAST/DAST/IAST, Snyk, SonarQube, Burp Suite, Veracode, or similar. Strong understanding of cloud platforms) and modern development architectures More ❯
coding, design reviews, and architecture assessments. Lead the implementation of DevSecOps practices, integrating security into CI/CD pipelines. Identify and remediate application-level vulnerabilities through static/dynamic analysis, manual code review, and security testing. Collaborate with engineering and platform teams to secure APIs, microservices, and containerized workloads. Evaluate and implement security tools for secure code analysis … in application security architecture. Deep knowledge of OWASP Top 10, SANS CWE Top 25, and secure coding best practices. Familiarity with threat modelling methodologies such as STRIDE and architectural risk analysis. Hands-on experience with tools such as SAST/DAST/IAST, Snyk, SonarQube, Burp Suite, Veracode, or similar. Strong understanding of cloud platforms) and modern development architectures More ❯
coding, design reviews, and architecture assessments. Lead the implementation of DevSecOps practices, integrating security into CI/CD pipelines. Identify and remediate application-level vulnerabilities through static/dynamic analysis, manual code review, and security testing. Collaborate with engineering and platform teams to secure APIs, microservices, and containerized workloads. Evaluate and implement security tools for secure code analysis … in application security architecture. Deep knowledge of OWASP Top 10, SANS CWE Top 25, and secure coding best practices. Familiarity with threat modelling methodologies such as STRIDE and architectural risk analysis. Hands-on experience with tools such as SAST/DAST/IAST, Snyk, SonarQube, Burp Suite, Veracode, or similar. Strong understanding of cloud platforms) and modern development architectures More ❯
coding, design reviews, and architecture assessments. Lead the implementation of DevSecOps practices, integrating security into CI/CD pipelines. Identify and remediate application-level vulnerabilities through static/dynamic analysis, manual code review, and security testing. Collaborate with engineering and platform teams to secure APIs, microservices, and containerized workloads. Evaluate and implement security tools for secure code analysis … in application security architecture. Deep knowledge of OWASP Top 10, SANS CWE Top 25, and secure coding best practices. Familiarity with threat modelling methodologies such as STRIDE and architectural risk analysis. Hands-on experience with tools such as SAST/DAST/IAST, Snyk, SonarQube, Burp Suite, Veracode, or similar. Strong understanding of cloud platforms) and modern development architectures More ❯
