Security Assessment & Vulnerability Management — Conduct comprehensive security assessments across all applications and network infrastructure. Build and maintain a vulnerability register with clear prioritisation (High/Medium/Low) and documented risk acceptance for findings that cannot be immediately remediated.
Security Standards & Baseline — Define and socialise security baseline policies covering secure coding, authentication, data protection, and network segmentation, aligned with enterprise architecture standards.
SAST/DAST & Security Tooling Deployment — Deploy and operate SonarQube (SAST) and OWASP ZAP (DAST) across 80%+ of applications, plus network security scanning tools. Build automated security scanning into the development workflow.