Staff Software Engineer (Security)
Posted 12 days 9 hours ago by GUARDIAN NEWS AND MEDIA
Join our team at the Guardian and be a part of a diverse and inclusive global organisation that delivers fearless, investigative journalism, and holds power to account. Our team of award-winning journalists, cutting-edge commercial professionals, and industry-leading digital experts are committed to making a difference and represent a wide range of backgrounds and perspectives. We offer a challenging and exciting environment for career development, with a focus on training, growth and fostering an inclusive culture.
We're now looking for a Staff Software Engineer (Security) to work in our developer experience stream in a security-focused team. You will help protect the Guardian and its readers from cyber-security threats by employing leading practices and tooling to secure our services.
The Guardian has a unique security profile, so we're looking for someone with demonstrated domain knowledge to ensure the security of our platform.
About the Role:
- Identify, develop and improve metrics that drive desired behaviour and security outcomes.
- Introduce and maintain security tooling that enables teams to efficiently secure their services and reduce attack surface.
- Assure the implementation of security and control policies through automation and DevSecOps best practices (secure by design and default).
- Educate other developers and work with teams to expand secure coding best practices, and help them meet their security goals.
- Build a close working relationship with the Information Security team to ensure engineering initiatives are aligned with Guardian News & Media's (GNM) information security strategy.
- Work in a multi-functional team, empowered to rapidly iterate and release new features. Our culture is strongly collaborative, whether pair programming with other developers or working closely with editorial and commercial colleagues.
- Encourage others to grow and pass on your expertise to other developers, whilst continuing to grow yourself.
Much of our code is openly available on GitHub, and some of our projects are widely used throughout the Open Source community. Many of our developers regularly attend and present at conferences. Please visit our Guardian Developers site and the Guardian Developer blog for more information about working in the Digital Development team.
About You:
- You have experience in information security and have comprehensive experience in software development
- You have an in-depth understanding of best practices in security engineering, including networking, software supply chain & application security.
- You are familiar with current and merging standards within the information security space. For example: NIST Secure Software Development Framework, Supply chain Levels for Software Artifacts (SLSA).
- You are confident in translating product and business requirements into technical solutions.
- You are passionate about spreading security best practice with engineers.
We value and respect all differences (seen and unseen) in all people. We aspire to have inclusive working experiences and an environment that reflects the audience we serve, where our people have equal access to career development opportunities, their voices are heard and can contribute to our future. We actively encourage applications from people of all backgrounds. Many of our staff work flexibly and we will consider all requests for flexible working arrangements.
How to Apply
To apply, please upload your latest CV and a cover letter which outlines why you'd love to take on this role, and why you're a great match for what we're looking for.
The closing date for applications is Monday 6th January 2025.
All roles at the Guardian are open for everybody to apply. It is important to us that you feel supported and comfortable throughout your recruitment process, in order to perform your best. Please let us know if there are any changes we could make to the application process to make it easier and more comfortable for you. Please contact Anna Vipers on to discuss further so we can work with you to support you through your application.
Benefits at the Guardian
Culture & Wellbeing
We want everyone to feel like they belong at the Guardian and we champion diversity of thought. Our various employee forums provide a platform to use their voice to foster an inclusive workplace.
We offer great tools to help you prioritise your wellbeing including free yoga and pilates. These run alongside our corporate gym membership and cycle to work scheme.
Learning & Development
We encourage personal and professional growth. Employees have access to a broad range of tools and solutions, and we are happy to support the pursuit of professional qualifications through vocational courses and apprenticeships.
Our Working Environment
We take pride in our surroundings and are pleased to offer versatile meeting rooms and colourful communal areas. We have a brilliant canteen that caters to breakfast, lunch and dinner, with views overlooking Regent's Canal.
Additional Benefits & Policies
We offer 30 days annual leave per annum, plus an additional 5 day holiday purchase scheme. Our pension scheme is generous; if you contribute 5% then we will contribute 8-12% (depending on your age). We believe in giving back, which is why employees are given 2 volunteering days annually and the option of payroll giving. Season ticket loans are also available.
You are entitled to life cover, income protection, healthcare, sick pay and eye tests. You can also opt in to dental insurance.
We have enhanced maternity, paternity, adoption and shared parental leave policies in place. We also support our employees by offering an IVF, menopause, baby loss, and trans equality policy.