Principal Security Specialist

• Working with Security Champions to develop a strong security capability in teams and improving the effectiveness of the overall Security Champion program
• Driving continual improvement in the secure software development lifecycle and supporting our drive to a modern DevSecOps approach
• Acts as the main point of contact on security issues for Product Delivery and EAD teams on major strategic groups of products/systems
• Assessing major strategic groups of Sage products, application or systems to identify security weaknesses and creating improvement plans where required
• Supporting security compliance as it relates to assigned products
• Identifies the need for new tools and vendors and leads their evaluation
• Drives significant improvement in key processes/standards and designs and implements new processes/standards
• Contributes to performance evaluation and technical mentoring of junior team members
• Provides technical security leadership for significant projects or workstreams
• Active contributor to relevant industry bodies, conferences, open-source projects etc.
  

Skills & Experience

• Significant experience in implementing security in the software development lifecycle
• Experience in implementing security in public cloud based SaaS applications
• Proficiency in English – written and verbal
• Experience of working with geographically dispersed teams
• Experience working in an agile, DevOps/DevSecOps environment
• Experience in security operations
• Experience of formal compliance frameworks (e.g. SOC, ISO27001, PCI or similar)
• Relevant professional security qualification such a CISSP, CSSLP or similar
• Relevant degree and >8 years commercial experience