What you'll be doing:
Role Overview
The Application Security Assurance Specialist - Principal (P3) is responsible for overseeing the security assurance processes within software development and deployment pipelines across diverse methodologies. This role champions proactive integration, governance, and enhancement of security controls, ensuring the maturity and effectiveness of application security frameworks to safeguard critical business systems.
Key Responsibilities
Security Governance and Integration
- Define and enforce embedded security practices across SDLC and CI/CD pipelines, ensuring compliance with organisational security policies and standards.
- Oversee the integration of advanced security tools (e.g., SAST, DAST, SCA, automated secret scanning) with development environments.
- Provide technical guidance on security configuration management, deployment hardening, and secure integration of tooling across all phases of software delivery.
Application Security Assurance
- Conduct in-depth security risk assessments for high- and low-level technical designs, evaluating compliance against OWASP, CIS Benchmarks, and secure coding standards.
- Perform comprehensive security testing across application environments, including API security, container scanning, and dynamic runtime assessments, while evaluating residual risk post-assessment.
Strategic Consultation and Advancement
- Collaborate with stakeholders to assess the security maturity of existing practices and recommend improvements aligned with compliance requirements and delivery velocity.
- Provide expert-level recommendations on the refinement of automation processes, risk mitigation strategies, and the deployment of compensating controls where necessary.
- Evaluate emerging technologies and leverage AI-driven application security tools to optimise assurance activities.
Collaboration and Leadership
- Partner with development and DevSecOps teams to embed robust security measures within workflows, ensuring alignment with secure coding standards and organisational priorities.
- Actively engage in the training of development teams, fostering a culture of security awareness and empowering stakeholders to implement best practices.
- Lead cross-functional teams to complete security assurance initiatives effectively.
Reporting and Documentation
- Generate actionable reports and presentations tailored to technical and non-technical audiences, highlighting findings, severity assessments, and remediation tracking.
- Maintain clear, auditable documentation for compliance purposes and contribute strategic insights into executive-level reviews.
What experience you'll bring:
Required Qualifications
- 5+ years' experience providing technical expertise in managing security frameworks and tools (SAST, DAST, SCA, container security, etc.).
- Advanced knowledge of application lifecycle management methodologies (Waterfall, Agile, DevSecOps, CI/CD).
- Strong understanding of compliance with standards such as OWASP Top 10, NIST CSF, and CIS Controls.
- Demonstrated ability to lead security assurance initiatives across complex development environments.
- Proficiency in designing and executing technical assessments and risk evaluations.
Other Qualifications
- Familiarity with AI-driven application and security testing tools and their integration within pipelines.
- Professional certifications such as CISSP, CSSLP, or similar.
- Experience in development enablement through the creation of secure coding frameworks and tools for automated quality assurance.
Success Metrics (6-12 months)
- Complete security assessments for critical systems within stipulated timelines, ensuring vulnerabilities are resolved collaboratively with development teams.
- Successfully integrate comprehensive security controls into CI/CD pipelines, automating compliance checks.
- Reduce incident response time by identifying and remediating residual risks before go-live stages.
- Achieve alignment and certification for designated projects against OWASP and CIS standards within established business constraints.
Who we are:
At NTT DATA, you have endless opportunities to think big, act bold and take ownership. As a $30+ billion business and technology services, AI and digital infrastructure leader, we co-innovate solutions with clients and partners globally for business and societal impact. Serving 75% of the Fortune Global 100, with experts in over 70 countries, we encourage experimentation and recognize great work. Proudly a Global Top Employer, NTT DATA is part of NTT Group, which invests over $3 billion annually in R&D. Make this the place where you belong, learn, and build your network. Make this the place where you grow.
What we'll offer you:
We offer a range of tailored benefits that support your physical, emotional, and financial wellbeing. Our Learning and Development team ensure that there are continuous growth and development opportunities for our people. We also offer the opportunity to have flexible work options.
You can find more information about NTT DATA UK & Ireland here: https://uk.nttdata.com/
We are an equal opportunities employer. We believe in the fair treatment of all our employees and commit to promoting equity and diversity in our employment practices. We are also a proud Disability Confident Committed Employer - we are committed to creating a diverse and inclusive workforce. We actively collaborate with individuals who have disabilities and long-term health conditions which have an effect on their ability to do normal daily activities, ensuring that barriers are eliminated when it comes to employment opportunities. In line with our commitment, we guarantee an interview to applicants who declare to us, during the application process, that they have a disability and meet the minimum requirements for the role. If you require any reasonable adjustments during the recruitment process, please let us know. Join us in building a truly diverse and empowered team.