hackajob is partnering with BBC to fill this position. Create a profile to be automatically considered for this role—and others that match your experience.
• Architecture of Systems
o Perform security risk assessments on BBC Digital Product environments at various stages of the Software
Development Life Cycle (SDLC) and recommend security enhancements, remediation and mitigation strategies.
• Digital Policy & Guidance
o Research and understand new security technologies, trends and threats related to BBC Digital Products and environments and use this research to provide technical and non-technical guidance to both internal stakeholders and 3rd-parties.
o Assist in running the BBC Security Champions network including facilitating sessions, engaging with champions, providing guidance around security queries and continuing to evolve the network.
o Support tactical initiatives to secure Digital Product environments for the BBC including contributing to Information Security policies, procedures and standards.
o Develop and maintain relationships with Digital Product key suppliers, Digital Product staff, Security Champions and other stakeholders.
• Development
o Peer with the rest of the InfoSec team to design, develop and deploy code for systems that assist the BBC InfoSec function and assist BBC teams to understand their current risk posture.
• Vulnerability Management
o Support the processes around security issues identified in BBC Digital Product environments, including assisting with investigation, validation and revalidation.
• Familiarity with a least one coding language (e.g., Python, JavaScript, etc) with demonstratable experience of taking an active role in both designing and implementing digital software projects using these languages.
• Ability to convey complex technical knowledge and guidance, in written form and verbally, to multiple audiences including internal stakeholders and third parties.
• Demonstrable ability to break complex problems into tangible parts, self-direct required learning and operate in a semi-autonomous manner.
• Experience deploying systems and applications from code to a cloud environment (e.g. AWS).
• Demonstratable experience of a wide range of technical security knowledge and applying this to identify and remediate security issues in digital software products.
DESIRED BUT NOT REQUIRED
• Experience of being involved in a community and taking an active lead in organising and facilitating.
• Experience with STRIDE Threat Modelling and mitigating issues from application security tooling would be ideal.
If you can bring some of these skills and experience, along with transferable strengths, we’d love to hear from you and encourage you to apply.
hackajob is partnering with BBC to fill this position. Create a profile to be automatically considered for this role—and others that match your experience.
Level up the hackajob way. Verify your skills, learn brand new ones and test your ability with Pathways, our learning and development platform.