At a Glance
- Tasks: Drive application security and improve security measures across a large enterprise environment.
- Company: Major media & entertainment organisation with a focus on innovation.
- Benefits: Competitive daily rate, hybrid work model, and hands-on experience in a dynamic field.
- Other info: Opportunity to work with cutting-edge tools and grow your career in security.
- Why this job: Make a real impact on security in a fast-paced, collaborative environment.
- Qualifications: Strong background in DevSecOps and application security with GitHub expertise.
We’re supporting a major media & entertainment organisation looking for a hands-on DevSecOps Engineer to drive application security and BAM (Business Application Measures) improvements across a large enterprise environment. This is a delivery-focused role where you’ll take ownership of security remediation activities, CI/CD security integration, GitHub governance, and DevSecOps tooling improvements across multiple critical systems. They need someone technical who can actively drive security controls from “agreed” through to implementation.
Key experience required:
- Strong DevSecOps / Application Security engineering background
- GitHub administration & GitHub Advanced Security (GHAS)
- CI/CD pipeline security integration
- SAST / DAST tooling (CodeQL, Semgrep, OWASP ZAP etc.)
- Secret scanning, dependency scanning, container & IaC scanning
- OIDC / short-lived credentials
- Security remediation & vulnerability management
- JIRA / Agile delivery environments
- Strong stakeholder management & delivery ownership
Nice to have:
- BAM / governance programme experience
- Datadog / SIEM / EDR exposure
- Pen testing remediation
- OWASP / Secure SDLC knowledge
- Cloud / container security exposure
The client is looking for someone proactive, organised, and technically strong who can operate across development, infrastructure, security, and operational teams whilst keeping delivery momentum moving.
Microsoft Windows Server Engineer employer: Norton Blake
As a leading media and entertainment organisation, we pride ourselves on fostering a dynamic work culture that champions innovation and collaboration. Our London-based team enjoys a hybrid working model, competitive daily rates, and ample opportunities for professional growth in the rapidly evolving field of DevSecOps. Join us to be part of a forward-thinking environment where your contributions directly impact our security landscape and drive meaningful change.
StudySmarter Expert Advice🤫
We think this is how you could land Microsoft Windows Server Engineer
✨Tip Number 1
Network like a pro! Reach out to folks in the industry on LinkedIn or at meetups. We can’t stress enough how important it is to make connections; you never know who might have the inside scoop on job openings.
✨Tip Number 2
Show off your skills! Create a portfolio or GitHub repository showcasing your DevSecOps projects. This gives potential employers a taste of what you can do and sets you apart from the crowd.
✨Tip Number 3
Prepare for interviews by brushing up on common DevSecOps scenarios. We recommend practising answers to questions about security remediation and CI/CD integration, so you can confidently demonstrate your expertise.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen. Plus, we’re always looking for talented individuals like you to join our team!
We think you need these skills to ace Microsoft Windows Server Engineer
Some tips for your application 🫡
Tailor Your CV:Make sure your CV highlights your experience in DevSecOps and application security. Use keywords from the job description to show we’re on the same page and you’ve got what it takes!
Craft a Compelling Cover Letter:Your cover letter is your chance to shine! Share specific examples of how you've driven security improvements and managed stakeholders in previous roles. Let us see your passion for the role!
Showcase Your Technical Skills:Don’t hold back on your technical expertise! Mention your experience with GitHub, CI/CD pipeline security, and any tools like CodeQL or OWASP ZAP. We want to know how you can contribute to our team!
Apply Through Our Website:We encourage you to apply directly through our website. It’s the best way for us to receive your application and ensures you don’t miss out on any important updates from us!
How to prepare for a job interview at Norton Blake
✨Know Your Tech Inside Out
Make sure you’re well-versed in the key technologies mentioned in the job description, like GitHub Advanced Security and CI/CD pipeline security. Brush up on your knowledge of SAST/DAST tools like CodeQL and OWASP ZAP, as you might be asked to discuss how you've used them in past projects.
✨Showcase Your Delivery Focus
This role is all about delivery ownership, so be prepared to share specific examples of how you've driven security remediation activities in previous roles. Highlight your experience in Agile environments and how you’ve managed stakeholders to keep projects on track.
✨Demonstrate Proactivity
The client is looking for someone proactive, so come ready with ideas on how to improve security measures or streamline processes. Think about challenges you've faced in past roles and how you tackled them, showing that you can take initiative.
✨Prepare for Scenario Questions
Expect scenario-based questions that test your problem-solving skills in real-world situations. Practice articulating your thought process when it comes to security controls implementation and vulnerability management, as this will show your technical depth and practical approach.
