Job Requisition ID: 27379

Job Closing Date: 11/09/2025

Cardiff, GBR, CF10 1FT| Glasgow, GBR, G511DA| London, GBR, W1A 1AA| Salford, MAN, GBR, M50 2QH

JOB DETAILS

JOB BAND: CCONTRACT TYPE: PermanentDEPARTMENT: BBC Information SecurityLOCATION: All UKPROPOSED SALARY RANGE: £42,000 - £52,000 depending on relevant skills, knowledge and experience. The expected salary range for this role reflects internal benchmarking and external market insights.

We''re happy to discuss flexible working. If you''d like to, please indicate your preference in the application - though there''s no obligation to do so now. Flexible working will be part of the discussion at offer stage.

PURPOSE OF THE ROLE

The BBC Information Security Team works with BBC teams around the world to provide expert advice, review systems, and deal with threats. We ensure risks are identified, managed and mitigated. We are a multi-disciplinary team who work together and with the rest of the business to ensure the BBC stays secure and our audience trust is protected.

You''ll be joining the Security Engineering and Architecture team in Information Security. The team''s focus is to ensure the BBC''s digital products and platforms are secure by leveraging our collective development and security experience. To ensure security requirements are considered and implemented, we work with product teams during the early stages of the SDLC and provide our expert technical advice to allow them to progress effectively. The team also designs, develops and deploys systems and processes to help teams understand the risks in their own systems.Another key part of the team''s function is to foster relationships across the business and ensure that security issues are discussed and actioned rather than ignored. The team runs a large network of Security Champions across the BBC which focuses on awareness and education of technical security topics which helps amplify Information Security''s effectiveness. The team also provides technical expertise to other areas of the wider Information Security Team and BBC.

WHY JOIN THE TEAM

The BBC reaches over half a billion people online every week. By joining this team you will help keep these systems secure. You''ll regularly collaborate with critical BBC product teams such as iPlayer, Sounds and News.You''ll also get continual exposure to the latest security vulnerabilities, the new technologies teams are leveraging and the security considerations around these technologies. You''ll also become a key part in helping to evolve our digital security strategy and drive transformation within the BBC.

YOUR KEY RESPONSIBILITIES AND IMPACT• Digital Policy and Guidance

o Contribute to the BBC Security Champions network by engaging with the champions.o Help deliver training and internal sessions to build engineering and product security awareness.o Share technical insights with broader InfoSec through demos, playbooks, and documentation.• Development

o Develop and maintain security tooling, automation, and platforms that support the InfoSec functiono Contribute code and engineering support to Infosec platforms and systemso Work closely with the senior team members to design and build security solutions• Vulnerability Management

o Assist with application security tooling and interpreting results (e.g., SAST/DAST outputs).o Support vulnerability validation and triage efforts across cloud-native and on-prem systems.

YOUR SKILLS AND EXPERIENCE

ESSENTIAL CRITERIA• Familiarity with at least one programming language (e.g., Python, JavaScript, etc) with demonstrable experience of building and developing digital software projects using this language.• Ability to explain technical concepts to both technical and non-technical stakeholders.• Demonstrable experience learning collaboratively with others on technical concepts and using this to break down complex problems.• Demonstratable experience of some technical security knowledge and common security vulnerability categories.• Experience leading, building or actively engaging in a community through roles such as coordinating events, engaging with members and/or attracting new members

DESIRED BUT NOT REQUIRED:• Familiarity with threat modelling (STRIDE or similar), secure coding best practices, and DevSecOps principles.• Experience contributing to open-source or internal engineering tools.• Experience deploying, operating, and troubleshooting applications in AWS environments.• Participation in security or developer communities and/or experience in mentoring or leading peer education sessions.• Familiarity with CI/CD pipelines, infrastructure as code (e.g., Terraform), and container security.

If you can bring some of these skills and experience, along with transferable strengths, we''d love to hear from you and encourage you to apply.

Disclaimer

This job description is a written statement of the essential characteristics of the job, with its principal accountabilities, incorporating a note of the skills, knowledge and experience required for a satisfactory level of performance. This is not intended to be a complete, detailed account of all aspects of the duties involved.

Please note: If you were to be offered this role, the BBC will conduct Employment screening checks which include Reference checks; Eligibility to work checks; and if applicable to the role, Safeguarding and Adverse media/Social media checks. Any offer made is conditional on these checks being satisfactory.

For any general queries, please contact: bbchr@bbc.co.uk

Redeployment

The BBC is committed to redeploying employees seeking suitable alternative employment within the BBC and they will be given priority consideration ahead of other applicants. Priority consideration means for those employees seeking redeployment their application will be considered alongside anyone else at risk of redundancy, prior to any individuals being considered who are not at risk.

Information at a Glance

This is your BBC

At the BBC you can create and innovate in an inclusive environment while contributing to some of the world''s best loved content, and the BBC''s mission to inform, educate and entertain.

Find out more about the BBC

Life at BBC

Here you will benefit from:• Fair pay and flexible benefits including a competitive salary package, a flexible 35-hour working week, 25 days annual leave with the option to buy an extra 5 days, a defined pension scheme and discounted dental, health care and gym.• Excellent career and professional development.• Support in your working life, including flexible working which you can discuss with us at any point during the application, selection or offer.• A values-based organisation where the way we do things is important as what we do.

Benefits may vary if you are joining on an FTC basis.

Learn more about life at the BBC and our values in our candidate pack.

Candidate pack

You belong

We have a working environment where we value and respect every individual''s unique contribution, so all our employees feel that they can belong, thrive and achieve their full potential.

We want to attract the broadest range of talented people to join us. The more diverse our workforce, the better able we are to respond to and reflect our audiences in all their diversity.

We welcome applications from individuals, regardless of age, gender, ethnicity, disability, sexual orientation, gender identity, socio-economic background, religion and/or belief.

Find out more about diversity, inclusion and belonging in our strategy below.

Diversity, inclusion and belonging strategy

Disability confident

We are a disability confident employer. If you need to discuss adjustments or access requirements for the interview process, or to carry out this role, please contact us via email and we''d be happy to discuss: reasonable.adjustments@bbc.co.uk

#J-18808-Ljbffr