Cyber Security Specialist

The role of the Cyber Security Specialist is to be part of our Agile cross functional teams, as an embedded Security expert. Within the team you will play a critical role, introducing and promoting Security best practice right from the software design phase.We are committed to an environment of Continuous Deployment and Integration and our Cyber Security specialists identify and challenge security risks and issues throughout the process. The right candidate will have a proven background in IT security, within modern Agile cloud based architecture and development environments.The successful candidate will be a critical link between the IT Security and DevOps team, closely managing the rate of deployment against strategic security and business risks. You will be providing expertise and undertaking risk assessments on numerous sprints, projects, prioritizing and managing multiple projects at any one time. You will work with the wider IT security team and engage their knowledge where appropriate.

Your responsibilities will include:

• Provide guidance and help to IT delivery teams thus ensuring that Saltver delivers secure solutions to its customers

• Collaborating with IT development teams and other Saltver teams working closely in a DevOps and agile development process. Support the Secure Software Delivery Life Cycle (SDLC) ensuring developers are coding in-line with security standards, practices and industry best-practice

• Interface between the development teams and relevant IT Security teams

• Integrate into the development process, attending scrums and owning security use cases and stories

• Advise appropriate teams (IT Security, IT Risk) on residual risk on completion of projects

• Supporting initial risk assessment process and providing consultancy and guidance

• Responsible for undertaking application security risk assessments as part of development projects. This entails using a threat modeling methodology to identifying threats which could affect the Confidentiality, Integrity and Availability of the data and components in scope.

• Providing support for automated application security tooling working with IT Security as necessary

• Work as a Global team and collaborate with IT Security colleagues in other regions when undertaking security risk assessments to share knowledge and working practices

• Challenge and create new ways to meet security controls which are more effective in DevOps and agile working.

• Interpret and advise on the results from security testing to both technical and non-technical audiences

• Delivering the right customer outcomes for the product, service provided related to Successful, Failed, frequency of releases

• Shortest possible time from Idea to Live

• Number of incidences caused by Change and the mean time to recover from incidents,

• Providing support and expertise across multiple DevOps teams

• Maintain Platform stability

• Ensure defects in Dev are minimal and controlled

• Overseeing effectiveness of controls to ensure compliance with Saltver Information Security policies and standards.

Qualifications The ideal candidate for this role will have the below experience and qualifications: 

• Strong experience within IT and in particular proven IT Security and/or IT audit or controls experience

• Experience working in a DevOps environment

• Experience working with AGILE projects

• Demonstrable interest in IT Security

• Experience working in IT Security or IT Audit

• Proven experience of motivating others to deliver exceptional performance and long terms results

• Excellent written and spoken communication skills with experience of successfully influencing others, negotiating effectively and winning over audiences with compelling and persuasive presentations

• Built effective networks both internally and externally and created opportunities for others to work collaboratively

• Dealt effectively with highly complex commercial information and business challenges to create strategic business plans which effectively deliver results

• Promoted and led best practice in risk and compliance management in a similar organisation

In addition to the details listed above, the ideal candidate will have:

• Professional certifications in Information Security (CRISC, CISSP, CISA) is desirable but not essential

• Experience of IT architecture and how it fits together to deliver an enterprise IT System

The base location of this role will be Karachi, Pakistan.Saltver is committed to building a culture where all employees are valued, respected and opinions count. We take pride in providing a workplace that fosters continuous professional development, flexible working and opportunities to grow within an inclusive and diverse environment.