Product Security Engineer (3496)

Description
About GBG

GBG is the leading expert in global digital identity. We combine our powerful technology, the most accurate data coverage, and our talented team to deliver award-winning location intelligence, identity verification, and fraud prevention solutions.

With over 30 years’ of experience, we bring together a team of over 1,250 dedicated experts with local industry insight from around the world to make it easy for businesses to identify and verify customers and locations, protecting everyone, everywhere from fraud.

Why you should be@GBG

We make the world a safer place
We trust each other and win together
We are local experts in a global business
We want you to be yourself
We grow when you grow

The Team

GBG’s Information Security team of c30 team members, enable delivery of GBG’s business strategy by ensuring GBG is secure and trusted. The team provides four core capabilities:

• Governance, Risk and Compliance.
• Cyber Defence.
• Product Security.
• Security Architecture.

What you will do

• Collaborate with business units and development teams to design and implement effective security controls for products throughout their lifecycle.
• Conduct security assessments and threat modelling exercises to identify potential risks and vulnerabilities in our products.
• Guide and advise business units on risk decisions, considering the business’s risk appetite and regulatory requirements.
• Develop and maintain product security guidelines, standards, and best practices.
• Participate in the design and implementation of secure development practices, including secure coding standards and processes.
• Work closely with development teams to ensure that security requirements are appropriately addressed during the software development lifecycle.
• Conduct security reviews of product architecture and design, identifying and addressing security gaps.
• Perform security testing and code reviews to identify and remediate security vulnerabilities.
• Collaborate with incident response teams to investigate and respond to security incidents related to products.
• Stay updated with the latest security threats, vulnerabilities, and industry best practices, and proactively propose security enhancements.

Requirements
What We’re Looking For

• Extensive commercial experience in product facing security engineering or a similar role.
• Strong understanding of software security principles, secure coding practices, modern development technologies and common security vulnerabilities.
• Experience with threat modelling, security assessments, and risk analysis.
• Knowledge of industry standards and frameworks such as CIS Top 18, OWASP, NIST, and ISO 27001.
• Familiarity with secure development lifecycle methodologies.
• Proficiency in security testing tools and techniques.
• Excellent communication skills to effectively collaborate with cross-functional teams and communicate complex security concepts to technical and non-technical stakeholders.
• Relevant certifications such as cloud native paths, GIAC, or alternative are a plus.

Benefits
To find out more

We have a vision to have the best and most engaged team members in the industry. People matter at GBG, they make us who we are. Every team member across all our locations makes a difference, everyone has something to contribute. Maybe you too could make a difference.

As part of our commitment to our team and flexible working approach, we have created a Work When and Where You Want Policy to give our team members choice and empowerment, and to support a balance in work and home life. Please ask your Talent Attraction Specialist for more information on this and our Family Friendly policy if you want to find out more!

Diversity & Inclusivity:

As an equal opportunity employer, we are committed to providing fair opportunities for everyone regardless of age, gender, race, religion, sexual orientation, parental status or disability. Everybody is welcome and our inclusion and diversity programme, be/yourself, is designed to ensure that you can thrive. Please inform your GBG Talent Attraction Specialist if you require any reasonable adjustments to the interview process.