At a Glance
- Tasks: Drive application security and improve business measures in a dynamic media environment.
- Company: Major media & entertainment organisation with a focus on innovation.
- Benefits: Competitive daily rate, hybrid work model, and hands-on experience.
- Other info: Opportunity to work across development, infrastructure, and security teams.
- Why this job: Make a real impact on security in a fast-paced, collaborative setting.
- Qualifications: Strong background in DevSecOps and application security with GitHub expertise.
We’re supporting a major media & entertainment organisation looking for a hands-on DevSecOps Engineer to drive application security and BAM (Business Application Measures) improvements across a large enterprise environment. This is a delivery-focused role where you’ll take ownership of security remediation activities, CI/CD security integration, GitHub governance, and DevSecOps tooling improvements across multiple critical systems. They need someone technical who can actively drive security controls from “agreed” through to implementation.
Key experience required:
- Strong DevSecOps / Application Security engineering background
- GitHub administration & GitHub Advanced Security (GHAS)
- CI/CD pipeline security integration
- SAST / DAST tooling (CodeQL, Semgrep, OWASP ZAP etc.)
- Secret scanning, dependency scanning, container & IaC scanning
- OIDC / short-lived credentials
- Security remediation & vulnerability management
- JIRA / Agile delivery environments
- Strong stakeholder management & delivery ownership
Nice to have:
- BAM / governance programme experience
- Datadog / SIEM / EDR exposure
- Pen testing remediation
- OWASP / Secure SDLC knowledge
- Cloud / container security exposure
The client is looking for someone proactive, organised, and technically strong who can operate across development, infrastructure, security, and operational teams whilst keeping delivery momentum moving.
Windows Server Engineer employer: Norton Blake
Join a leading media and entertainment organisation that prioritises innovation and security in a dynamic London-based environment. As a Windows Server Engineer, you'll benefit from a collaborative work culture that fosters professional growth through hands-on experience with cutting-edge technologies and methodologies. With a focus on employee development and a commitment to work-life balance, this role offers an exciting opportunity to make a meaningful impact while enjoying the flexibility of a hybrid working model.
StudySmarter Expert Advice🤫
We think this is how you could land Windows Server Engineer
✨Tip Number 1
Network like a pro! Reach out to folks in the industry on LinkedIn or at meetups. We all know that sometimes it’s not just what you know, but who you know that can help you land that DevSecOps Engineer role.
✨Tip Number 2
Show off your skills! Create a portfolio or GitHub repository showcasing your projects related to CI/CD security integration and application security. This gives potential employers a taste of what you can bring to the table.
✨Tip Number 3
Prepare for those interviews! Brush up on your knowledge of SAST/DAST tooling and security remediation strategies. We want you to feel confident discussing your experience with GitHub governance and vulnerability management.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, we’re always looking for proactive and organised candidates like you!
We think you need these skills to ace Windows Server Engineer
Some tips for your application 🫡
Tailor Your CV:Make sure your CV highlights your experience in DevSecOps and application security. We want to see how your skills align with the key requirements mentioned in the job description, so don’t hold back on showcasing your GitHub administration and CI/CD pipeline security integration expertise!
Craft a Compelling Cover Letter:Your cover letter is your chance to shine! Use it to explain why you’re the perfect fit for this role. We love seeing enthusiasm and a clear understanding of the responsibilities, so mention your hands-on experience with security remediation and tooling improvements.
Showcase Your Technical Skills:In your application, be sure to highlight your technical prowess. Mention specific tools and methodologies you’ve used, like SAST/DAST tooling or vulnerability management. We’re looking for someone who can hit the ground running, so let us know what you bring to the table!
Apply Through Our Website:We encourage you to apply directly through our website. It’s the best way for us to receive your application and ensures you don’t miss out on any important updates. Plus, we love seeing candidates who take that extra step!
How to prepare for a job interview at Norton Blake
✨Know Your Tech Inside Out
Make sure you’re well-versed in the key technologies mentioned in the job description, like GitHub administration and CI/CD pipeline security. Brush up on your knowledge of SAST/DAST tools like CodeQL and OWASP ZAP, as these will likely come up during technical discussions.
✨Showcase Your Delivery Focus
This role is all about delivery ownership, so be prepared to discuss past projects where you’ve driven security remediation activities. Use specific examples to illustrate how you’ve taken charge and ensured successful outcomes in Agile environments.
✨Prepare for Stakeholder Management Questions
Since strong stakeholder management is crucial, think of instances where you’ve effectively communicated with different teams. Be ready to explain how you’ve navigated challenges and kept everyone aligned on security goals.
✨Demonstrate Proactivity and Organisation
The client is looking for someone proactive and organised. Share examples of how you’ve anticipated security issues before they became problems and how you’ve structured your work to maintain momentum across multiple teams.
