This is an exciting opportunity to join the team at NetPay, the business bringing revolution to the UK card payments industry focusing on system innovation and service excellence delivering card payment solutions to the wholesale, reseller and corporate channel. The business is looking for a number of skilled, dedicated and ambitious team members to support our customers and make their experience the best it can possibly be.
We are looking for an experienced, knowledgeable, motivated individual to assist in enhancement of the software that will support the NetPay service proposition offered to its customers. The type of person we are looking for will have had considerable experience and involvement in software security to protect against cyberattacks.
- Understand current software/systems and suggests improvement and implementing changes.
- Develop security standards, procedures, and controls to manage and evaluate risk, with a mindset of continuous process improvement.
- Report on the effectiveness of software security and compliance controls as well as risk mitigation strategies.
- Deliver, assist and provide training to software development team.
- Manage and participate internal auditing and testing processes.
- Leadership to develop the long-term vision for application security, detection and response capabilities.
- Research/evaluate emerging cyber security threats and ways to manage them.
Required Education and Experience
- University graduated (preferably in Software Engineering, Computer Science or Mathematics). MSc or PhD in cyber security is bonus.
- 5+ years of professional work experience in security.
- Good understanding user authentication, vulnerability testing, cryptography and security administration.
- Advanced knowledge of OWASP Top 10 vulnerabilities and able to identify/find those vulnerabilities in the application.
- Experienced in Penetration Testing using various tools and manual testing for the application and APIs.
- Very good knowledge of using vulnerability testing tools like Burpsuite.
- Very good knowledge of using static/dynamic code analysis tools.
- Very good understanding PCI DSS/PII data protection against cyberattacks.
- Have knowledge of relational and non-relation database security and encryption.
- Strong oral and written communication skills.
- Skills in report writing for technical and non-technical staff.
- Self-starter, strategic thinker, negotiator, and consensus builder.
Key Competencies and Behaviours
- Strategic Thinking – Considers the longer-term impact of day to day decisions. Considers the requirements and goals of the business when prioritising day to day work and projects.
- Accountability – Takes ownership of issues to get resolutions that benefit the business.
- Problem Solving and Analysis – Works on problems of diverse scope where analysis of data is required.
- Demonstrates good judgement in selecting methods and techniques in obtaining solutions.
- Leadership – Will influence other areas of the business and provide proactive feedback to the Management Team.
- Teamwork and Collaboration – High sense of ownership and urgency with experience in working in and co-ordinating a team to get the job done and deliver upon the objectives and goals of the business.
- Customer Focus – Makes and meets internal customer commitments understanding that their requirements are what drive those of the business and keep the doors open.