In ADDO we've been helping companies innovate and digitized by building data-driven mobile and web apps and using AI and data science to find opportunities to grow revenues and optimize operations. In the process, we want to build an organization that inspires and become a world-class institution from the region.

The role of the Cyber Security Specialist is to be part of our Agile cross functional teams, as an embedded Security expert. Within the team you will play a critical role, introducing and promoting Security best practice right from the software design phase.

We are committed to an environment of Continuous Deployment and Integration and our Cyber Security specialists identify and challenge security risks and issues throughout the process. The right candidate will have a proven background in IT security, within modern Agile cloud based architecture and development environments.The successful candidate will be a critical link between the IT Security and DevOps team, closely managing the rate of deployment against strategic security and business risks. You will be providing expertise and undertaking risk assessments on numerous sprints, projects, prioritizing and managing multiple projects at any one time. You will work with the wider IT security team and engage their knowledge where appropriate.

Responsibilities will include:

1. Collaborating with IT development teams and other teams working closely in a DevOps and agile development process. Support the Secure Software Delivery Life Cycle (SDLC) ensuring developers are coding in-line with security standards, practices and industry best-practice


2. Interface between the development teams and relevant IT Security teams


3. Integrate into the development process, attending scrums and owning security use cases and stories


4. Advise appropriate teams (IT Security, IT Risk) on residual risk on completion of projects


5. Supporting initial risk assessment process and providing consultancy and guidance


6. Responsible for undertaking application security risk assessments as part of development projects. This entails using a threat modeling methodology to identifying threats which could affect the Confidentiality, Integrity and Availability of the data and components in scope.


7. Providing support for automated application security tooling working with IT Security as necessary


8. Work as a Global team and collaborate with IT Security colleagues in other regions when undertaking security risk assessments to share knowledge and working practices


9. Interpret and advise on the results from security testing to both technical and non-technical audiences


10. Delivering the right customer outcomes for the product, service provided related to Successful, Failed, frequency of releases


11. Overseeing effectiveness of controls to ensure compliance with Information Security policies and standards.

Qualifications:

1. Strong experience of 5 plus years with BSCS/BSIT/Software Engineering and in particular proven IT Security and/or IT audit or controls experience


2. Experience working in a DevOps environment


3. Experience working with AGILE projects


4. Demonstrable interest in IT Security


5. Experience working in IT Security or IT Audit


6. Proven experience of motivating others to deliver exceptional performance and long term results


7. Excellent written and spoken communication skills with experience of successfully influencing others, negotiating effectively and winning over audiences with compelling and persuasive presentations.

In addition to the details listed above, the ideal candidate will have:

1. Professional certifications in Information Security (CRISC, CISSP, CISA) is desirable but not essential


2. Experience of IT architecture and how it fits together to deliver an enterprise IT System