Define and enforce embedded security practices across SDLC and CI/CD pipelines, ensuring compliance with organisational security policies and standards.
Oversee the integration of advanced security tools (e.g., SAST, DAST, SCA, automated secret scanning) with development environments.
Provide technical guidance on security configuration management, deployment hardening, and secure integration of tooling across all phases of software delivery.
Application Security Assurance
Conduct in-depth security risk assessments for high- and low-level technical designs, evaluating compliance against OWASP, CIS Benchmarks, and secure coding standards.
Perform comprehensive security testing across application environments, including API security, container scanning, and dynamic runtime assessments, while evaluating residual risk post-assessment.