Cyber Applications Security Specialist

London (South)
£40000 - £70000 per annum
04 Oct 2016
19 Oct 2016
Contract Type
Cyber Web Applications Security Specialist Location: Bristol or London Salary: £40,000 - £70,000 depending on experience/location This role is aligned to the new function Digital CISO within the CIO CISO organisation aligned to and supporting the Digital CIO with the security requirements of the UK Digital retail business (UKD) and the global Digital delivery capability. The new function has been heavily involved in the definition and execution of an on-going security enhancement programme on behalf of UKD to provide the security and infrastructure framework to enable the business to attain its goal of becoming a premium digital retailer of financial service products. Duties & Responsibilities Investigating technical security issues and developing appropriate solutions Reviewing project and change progress to ensure security solutions are delivered on time Assisting projects in scoping and developing solutions to meet mandatory security controls Helping projects complete project Risk Assessments Skills & Experience required Good understanding of Internet and web protocols and client/server interactions: 1. HTTP(S) 2. SMTP 3. FTP Understanding of tiered application structures, separation and application zoning Good understanding of data and information security and the implications of the Data Protection Act and other legislation Encryption and data handling technologies Web application vulnerabilities and application penetration testing Understanding of web application firewalls (WAF) Application security, session management, session persistence and authentication mechanisms and single sign-on architectures Understanding of identity management and federation technologies such as AD, ADFS, OAuth, SAML and OpenID Understanding of API authentication and authorisation mechanisms including SOAP and WS Security and similar standards Understanding of Dev/Ops operating models Good team working and ability to work as a member of multiple virtual teams Nice to have Application security in a Cloud environment Understanding of IBM ISAM helpful Understanding of Email authentication mechanisms including SPF, DKIM and DMARC Experience in C#, Java or other language application development Experience working in a regulated business Understanding of infrastructure security concepts including firewalls, IDS/IPS and network zoning Understanding of IP network addressing, load balancing and high availability applications and infrastructure Due to the high volume of applications we receive it is not always possible to respond to unsuccessful applicants. Therefore if we have not responded to your application within five days please note that on this occasion your application has not been successful Ambridge Harris is committed to equal opportunity and diversity. Ambridge Harris will not discriminate on unlawful grounds. This job was originally posted as