Head of Application Security

At Access we love software and how technology never stays the same. It's this obsession that drives us to work closely across sectors to understand the business needs of our customers - from professional services to manufacturing to not for profits and more.

We're passionate about helping our customers stay one step ahead of the challenges facing their industry and business. That's why over 1 million users and over 45,000 organisations rely on Access software to help their organisation thrive.

About you:

Reporting to the Director of Software Engineering and Architecture, you will be responsible for promoting and driving security best practices, secure software development life cycle and assurance of security implementation and cyber defence across all Product Development teams.

Working closely with senior stakeholders within Product Development and leading the Security Centre of Excellence, this role focusses on ensuring that through Security First, Security is embedded into our processes, tools and platform.

Day-to-day, you will:

• Working with the Senior Leadership team to ensure that Security First, our secure software development life cycle programme continues to evolve to meet new threats and business needs

• Lead the Security Centre of Excellence team to provide in-depth application security guidance and expertise to all Access development teams

• Supervise the Application Security Project Manager who supports you by overseeing the day to day operation of Security First, supporting the agile development teams and leading application security initiatives and projects

• Support the development teams with the creation and evaluation of their threat models

• Further develop and Security and Compliance tools and processes for Azure, AWS, Kubernetes and 3rd party tools, and work with R&D and DevOps to ensure compliance

• Work with the Security Steering Committee on further developing application security policies and guidelines while balancing business, operational and organizational implications

• Create engaging secure software development training programmes

• Oversea compliance with our FOSS policy and be the point of escalation

• Responsible for our code scanning tools

• Responsible for penetration tests and act as the point of escalation for vulnerabilities

• Actively influence product roadmaps and Security by continually improving the Secure Development Lifecycle (SDLC) practices

• Working with the DevOps and Development teams to define robust change control policies and practices that ensure secure software deployment

• Prepare for, respond to and contain application security incidents

As a well-rounded Head of Application Security your Skills and Experiences likely include:

• Level of experience where you are able to mentor others in in Information Security

• Significant experience with Threat modelling in a cloud environment

• Knowledge of application security and secure software development practices such as Secure Software Development Life Cycle

• Knowledge of information security standards and frameworks such as OWASP, NIST, SANS, etc

• Hands-on technical experience in designing and building a secure web application, mobile application, system, or network

• Security reviews for Code / Design / Architecture and threat modelling

• Experience with penetration testing

• Be agile and perform effectively in multi-tasking fast-paced environments

• Excellent verbal and written communication as well as receptive listening skills, with ability to present complex ideas in a clear, concise fashion to technical and non-technical audiences

• Self-managing and working virtually

• Excellent team player who can work with virtual, global, and cross-functional teams

What does Access offer you?

We are a growing software company, and we deliver on what we say we do! We take the development of our people very seriously! We will work with you to carve out your success plan and an opportunity to accelerate your career and make a real difference.

In addition to our standard benefits of 25 days holiday, a match contributory pension and healthcare you will get:

• A Competitive Salary

• Giving Back/Charity days

• Quarterly Socials

• 6 weeks Sabbaticals (after 6 years of service)

• The Access Group Big Break: our all-expenses paid holiday to Spain