Plugin Development Security Researcher


Premium Job From LA International Computer Consultants Ltd

Recruiter

LA International Computer Consultants Ltd

Listed on

8th September 2017

Location

Gloucestershire

Salary/Rate

£400 - £460

Type

Permanent

Start Date

ASAP

This job has now expired please search on the home page to find live IT Jobs.

My Client are looking for a plug in development Security Researcher to be based in Gloucester on an initial 6 month contract.

This is an important role in the Web Check team and part of the Digital Services team within NCSC. The Web Check team aims to make it easier for Government to identify and fix vulnerabilities in its online services and to make better use of security technologies.

This is a position for an outstanding security researcher with development experience to lead the building and management of the checks we run on Government websites. Candidates must have software development skills across the front and back ends, and be ready to quickly get to work within a multi-disciplinary team of developers, designers, editors, and data analysts.

Day-to-day you will be responsible for working with the Web Check Team to design, create, update and improve new and existing plugins and to help analyse the results for our customers across government.

You will also need to work with the Web Check Technical Lead to help evaluate the real-world impact of a security vulnerability/technology and a passion for software predictability, reliability, and safety. We have a strong focus on identifying a small number of really important vulnerabilities. As we are assessing Government continuously, at scale, we need to know that our tests won't have an impact on the services we check.

The main responsibilities of the post are:

*Helping understand the vulnerabilities that exist within the government's digital estate and generating new solutions for identifying and fixing those vulnerabilities.

*Designing and implementing new, innovative, plugins that generate findings about website issues, bugs or vulnerabilities for internal use.

*Ensuring that all plugins are fully tested, fully maintained, robust and fit for purpose.

*Managing the continuous integration pipeline for automated deployment of approved plugins.

*Working with members of the wider team to understand the usefulness of proposed, new and existing plugins for our users.

*Sharing knowledge of tools and techniques with the wider team, both developers and non-developers.

*Contributing towards working in an agile, stripy team and helping that team meet its wider goals.

?

PERSON SPECIFICATION - COMPETENCES/SKILLS REQUIRED

Specialist Skills & Requirements

Essential

*Experience of building back end solutions and detailed knowledge of at least two of node.js, Java 8 and Python 3.

*Experience of working on technical projects within an agile team including experience with Atlassian JIRA and GitHub.

*Experience establishing automated test, build and deployment continuous integration pipelines using Jenkins and Git.

*Ability to quickly research and apply new programming tools and software engineering techniques.

Desirable

*Linux system administration and configuration management skills.

*Knowledge of Amazon Web Services (AWS) cloud infrastructre technologies and solutions.

*An understanding of the Web platform and its security properties.

*Solid understanding of key website vulnerabilities and how those vulnerabilities might be mitigated against.

*Experience using data to improve the effectiveness of services, solutions and capabilities.

*Experience in the design, development and delivery of microservice-architecture solutions.

*Ability to quickly research web application security topics, issues and best practice.

*High level of proficiency working with a complex Scrum-based Agile development environment

In addition to the specialist skills listed above successful candidates will need to demonstrate broad competencies as below.

SETTING DIRECTION

Changing and Improving

Essential

-Encourage a culture of innovation focused on adding value and exceeding the team's business goals.

-Contribute towards the creation of a codebase that can act as an exemplar across government.

-Spot warning signs of things going wrong and provide a decisive response to significant delivery challenges.

-Working to help promote the highest developer standards.

Making Effective Decisions

Essential

-Weigh up data from various sources, recognising when to bring refer to experts/researchers to add to available information

-Identify the main issues in complex problems, clarify understanding or stakeholder expectations to seek best option

-Contributing the successful working of the entire Web Check Team.

DELIVERING RESULTS

Managing a Quality Service

Essential

-Ensure the plugins we deliver consider customer's needs and a incorporates a broad range of available methods to meet this need, including new technology where relevant

Delivering at Pace

Essential

-Review, challenge and adjust performance levels to ensure quality outcomes are delivered on time, rewarding success

-Working using agile methodologies and encourage others to do the same

ENGAGING PEOPLE

Leading and Communicating

Essential

-Clarify strategies and plans, and help give a clear sense of direction and purpose for self and team

-Be visible to staff and stakeholders and regularly undertake activities to engage and build trust with people involved in area of work

-Confidently engage with stakeholders and colleagues at all levels to generate commitment to goals

Collaborating and Partnering

Essential

-Actively build and maintain a network of colleagues and contacts to achieve progress on objectives and shared interests

Building Capability for All

Essential

-Coach and support colleagues to take responsibility for their own development (through giving accountability, varied assignments and on-going feedback)

-Establish and drive intra and inter team discussions to learn from experience and adapt organisational processes and plans

Due to the nature of the end customer's working environment, applicants with a live and current SC clearance are strongly encouraged to apply.

Due to the nature and urgency of this post, candidates holding or who have held high level security clearance in the past are most welcome to apply. Please note successful applicants will be required to be security cleared prior to appointment which can take up to a minimum 10 weeks.

LA International Computer Consultants Ltd is an HMG Approved Consultancy and operates as an IT & Engineering Consultancy or as an Employment Business & Agency, depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies, we welcome applications from all sections of the community and from people with diverse experience and backgrounds. Award Winning LA International Computer Consultants Ltd (Recruiter Awards for Excellence - Best IT, Best Public Sector & Gold Awards) and the most prestigious award that any business can receive The Queens Award for Enterprise: International Trade 2015.

You are currently using an outdated browser.

Please consider using a modern browser such as one listed below: