At a Glance
- Tasks: Drive application security and improve security measures in a major media organisation.
- Company: Join a leading media & entertainment company with a focus on innovation.
- Benefits: Competitive daily rate, flexible hybrid working, and opportunities for professional growth.
- Other info: Proactive role with excellent collaboration across teams and career advancement potential.
- Why this job: Make a real impact on security in a dynamic enterprise environment.
- Qualifications: Strong background in DevSecOps and application security required.
We’re supporting a major media & entertainment organisation looking for a hands-on DevSecOps Engineer to drive application security and BAM (Business Application Measures) improvements across a large enterprise environment. This is a delivery-focused role where you’ll take ownership of security remediation activities, CI/CD security integration, GitHub governance, and DevSecOps tooling improvements across multiple critical systems. They need someone technical who can actively drive security controls from “agreed” through to implementation.
Key experience required:
- Strong DevSecOps / Application Security engineering background
- GitHub administration & GitHub Advanced Security (GHAS)
- CI/CD pipeline security integration
- SAST / DAST tooling (CodeQL, Semgrep, OWASP ZAP etc.)
- Secret scanning, dependency scanning, container & IaC scanning
- OIDC / short-lived credentials
- Security remediation & vulnerability management
- JIRA / Agile delivery environments
- Strong stakeholder management & delivery ownership
Nice to have:
- BAM / governance programme experience
- Datadog / SIEM / EDR exposure
- Pen testing remediation
- OWASP / Secure SDLC knowledge
- Cloud / container security exposure
The client is looking for someone proactive, organised, and technically strong who can operate across development, infrastructure, security, and operational teams whilst keeping delivery momentum moving.
Homeworking Engineer employer: Norton Blake
Join a leading media and entertainment organisation that values innovation and security in a dynamic hybrid work environment. As a Homeworking Engineer, you will benefit from a collaborative culture that prioritises employee growth through continuous learning opportunities and hands-on experience with cutting-edge technologies. With competitive daily rates and the chance to make a significant impact on application security across a large enterprise, this role offers a rewarding career path for those looking to excel in DevSecOps.
StudySmarter Expert Advice🤫
We think this is how you could land Homeworking Engineer
✨Tip Number 1
Network like a pro! Reach out to folks in the industry on LinkedIn or at meetups. We all know that sometimes it’s not just what you know, but who you know that can get you in the door.
✨Tip Number 2
Show off your skills! Create a portfolio or GitHub repository showcasing your DevSecOps projects. This is a great way for us to demonstrate our hands-on experience and technical prowess to potential employers.
✨Tip Number 3
Prepare for interviews by practising common questions related to application security and CI/CD processes. We should also be ready to discuss specific tools like CodeQL or OWASP ZAP, as they might come up during the chat.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, we’re always looking for passionate individuals to join our team!
We think you need these skills to ace Homeworking Engineer
Some tips for your application 🫡
Tailor Your CV:Make sure your CV highlights your experience in DevSecOps and application security. We want to see how your skills align with the job description, so don’t be shy about showcasing your GitHub administration and CI/CD pipeline security integration expertise!
Craft a Compelling Cover Letter:Your cover letter is your chance to shine! Use it to explain why you’re the perfect fit for this role. Mention specific projects where you’ve driven security remediation or implemented tooling improvements, and let us know how you can contribute to our team.
Showcase Your Technical Skills:We’re looking for someone with a strong technical background, so make sure to highlight your experience with SAST/DAST tooling and security controls. If you’ve worked with tools like CodeQL or OWASP ZAP, give us the details – we love specifics!
Apply Through Our Website:Don’t forget to apply through our website! It’s the best way for us to receive your application and ensures you’re considered for the role. Plus, it makes the whole process smoother for everyone involved!
How to prepare for a job interview at Norton Blake
✨Know Your Tech Inside Out
Make sure you brush up on your DevSecOps knowledge, especially around application security and CI/CD pipeline integration. Be ready to discuss specific tools like GitHub Advanced Security and SAST/DAST tooling, as they’ll likely want to hear about your hands-on experience with these technologies.
✨Showcase Your Problem-Solving Skills
Prepare to share examples of how you've driven security remediation activities in the past. Think of specific challenges you faced and how you overcame them, particularly in a delivery-focused environment. This will demonstrate your proactive approach and technical strength.
✨Understand the Business Context
Familiarise yourself with the media and entertainment sector, as well as the specific needs of the organisation you're interviewing with. Being able to connect your technical skills to their business objectives will show that you’re not just a techie but also understand the bigger picture.
✨Engage with Stakeholders
Since strong stakeholder management is key for this role, think about how you can demonstrate your communication skills. Prepare to discuss how you've collaborated with different teams in the past and how you keep everyone aligned during security projects.
