We are looking for an outstanding Delivery Lead to work on a new project with one of our key partners. Hybrid working arrangements with onsite team meetups a couple of times a month in Bristol.
The Role:
Standups, Demos/workshops, Retrospectives, Refinements and planning
Post Mortems/Security Incidents
Orchestrating the pairing rotas and records
Monitor team dynamics and facilitate engagement and review of the Team Charter and team processes
Maintaining the timesheet tracker
Triaging Platform Support tickets (as per the Triage Rota)
Communicating out the current state and intent of the team
Onboarding/Offboarding new starters and leavers
Managing access and permissions for the team
Building and maintaining relationships with suppliers
Running experiments on behalf of the team to support definition of work or process change
Maintaining team motivation and building team capability to deliver the roadmap
Writing stories
User research and representing the team's customers
Establishing and maintaining the roadmap and vision for the team's products
Attending DL CoP and collaborating with Platform DLs on continuous improvement initiatives
Your Skills:
Application Security background
Excellent written and verbal communication skills
Help engineers understand vulnerabilities from various sources and how to prioritise them
Have knowledge of the Secure Software Development Lifecycle
Understand and establish the OWASP ASVS across the platform
Understand and assess current software development practices against OWASP SAMM
Understand and be able to communicate the application of Secure Coding Practices
Knowledge of current browser security features, best practice for both front and backend applications, Dynamic Application Security Testing and Static Application Security Testing
The following would be beneficial:
Knowledge of Scala or have a software development background
Experience of establishing a security champion programme or developing and fostering a security community
Knowledge of the PCI DSS
An understanding of Supply Chain security, standards, and best practice
Related Tech:
Google mail, Slack, Atlassian Confluence, Atlassian Jira, Mural, GDS Service Standards, Kanban, Scrum