Company and Role Overview
Smarter Grid Solutions is a pioneering technology company that spearheaded the introduction of Active Network Management in the UK and is now a world-leading provider of DERMS Software to electrical utilities across the UK, Europe, and North America. Our customer base includes major utilities such as UK Power Networks, Western Power Distribution, Consolidated Edison, Hydro One, and Southern California Edison, and we control over 500 MW of renewable generation, from wind turbines to electric vehicles, across our customers' territories.
Smarter Grid Solutions (SGS) are looking to add an Application Security Specialist to our team. Working closely with our architects, software engineering and DevOps teams, you will provide expertise to inform and validate the secure design and development of the SGS platform and applications.
The position reports to the Director of Information Security.
Responsibilities and Objectives
- Ensure that application security is embedded into the software delivery lifecycle
- Support secure product architecture & design functions
- Lead and facilitate application security reviews and threat modelling
- Plan and deliver developer security training in secure coding techniques
- Work with our DevOps team in development of automated security testing
- Develop, maintain and exercise regular vulnerability analysis and security auditing of products
- Perform secure code reviews
- Develop functional security testing scripts and procedures and find opportunities to automate security testing and processes
- Identify inherent vulnerabilities and information security risks within systems and applications
- Support commercial functions by contributing to bids & reviews
- Align the company products & policies with known industry security standards
- Maintain an inventory of all product software components, including their security status and ensure the timely sunsetting of unsupported components
- Advise on third party product security compliance and suitability
Required Skills and Experience
- Experience of web and application security
- Experience of security tools including static/dynamic analysis, and common security tools
- Good understanding of secure coding methodologies
- Understanding of cryptography and TLS certificate lifecycle management
- Experience with agile software development practices and methodologies
- Understanding of network and web related protocols (such as the TCP/IP, UDP, HTTP and HTTPS protocols). Experience with industrial protocols is desirable.
- Experience identifying security issues through code review.
- Excellent communication skills with an ability to communicate clearly on technical topics to the wider business
- Experience in conducting and managing application security risk
- Exposure to industry standards e.g.
Full time, Permanent
Compensation and Benefits
- Competitive salary, dependent upon experience
- 33 days holiday (inclusive of 3 public days)
- 5% matched Employer pension scheme
- Private Medical Insurance through Vitality
- Life Cover (3x)
If you’re interested in applying for this position or have any questions about the role or life at Smarter Grid Solutions we’d love to hear from you! Please email a CV/resume (or your questions) to [email protected]. We’ll get back to you as soon as we can!
We are looking forward to hearing from you.