Endava
Infrastructure Security Operations Engineer
Full details on LinkedIn
The complete job description, requirements, and application details are available on the original posting.
About Endava
Endava plc is a global technology services company founded in 2000 and headquartered in London, UK. The company specializes in digital engineering, consulting, and managed services, aiming to drive innovation and business transformation across various industries. With 67 offices in 28 countries, Endava emphasizes a people-centric approach, combining engineering excellence with deep industry knowledge. The company offers a wide range of services, including digital product acceleration, advisory and digital strategy, delivery services, digital engineering, data and AI, and modern managed services. Endava serves clients in multiple sectors such as healthcare, finance, retail, automotive, and telecommunications, focusing on building long-term partnerships and delivering positive client impacts. The leadership team, including CEO John E. Cotterell and CFO Mark S. Thurston, guides the company with a commitment to values like being smart, adaptable, and trusted.
Security at Endava
Compiled from public job postings, careers pages, and company materials. Data may not reflect current state — verify during interviews.
Security Philosophy
- Endava's philosophy centers on integrating security into the SDLC through mentorship and a champions-led model, rather than strict gatekeeping.
- They prioritize a risk-based approach to manage vulnerability volume. - Stated Mission: "We build security into the software development lifecycle by mentoring our people and investing in tools and processes"– . - Developer Enablement: "We enable security through our security champions"– . - Risk Philosophy: "A risk-based approach"– . - Stated Pain Points: "Too Many Vulnerabilities, Not Enough Context"– .
Security Team
Endava utilizes a security champions model to distribute security responsibility. Key leadership includes Goce Kalamadevski (Group Head of Software Security) and Chris Berry (CISO). While a specific headcount is not publicly available, the company is actively recruiting for security engineering roles. - Org Structure: "We enable security through our security champions"– . - Key Leaders: 1. Goce Kalamadevski, Group Head of Software Security – "Group Head of Software Security"– . 2. Chris Berry, Chief Information Security Officer (CISO) – "CHIEF INFORMATION SECURITY OFFICER (CISO)"– . - Team Size Estimate (as_of:): Information not publicly available. - Active Job Postings: 2 observed (Device Security Engineer, Network Security Engineer) – .
Key Initiatives
- Endava actively maintains a Security Champions program and emphasizes 'Shift Left' practices.
- Their vulnerability management process is currently focused on modernization through AI and risk-based prioritization. - Security Champions: Status: Evidence Found. "We enable security through our security champions"– . - "Shift Left"in Practice: "Integrating testing early in the development process"– . - Vulnerability Management: Focuses on remediation automation. "AI-driven workflows streamline remediation"– . - Secure SDLC: "We build security into the software development lifecycle"– .
Preparing for an AppSec interview?
Get the weekly briefing 2,000+ security pros trust.