Location : ,

Job Description

Position: Application Security consultant 
  • A. Must have practical experience (1-3 years) in an application security role that included manual testing such as:
  • Conduct security reviews(assessments) and web application penetration tests to identify vulnerabilities across a variety of development frameworks and languages.
  • Perform thorough code reviews using DAST, SAST, and SCA tools, focusing on a wide array of programming languages. (secure code reviews)
  • Advise on the integration of security practices within DevOps processes, aiding in the transition to DevSecOps.
  • Work closely with development teams to instill secure coding practices and embed security measures within CI/CD pipelines. (Deep understanding of software security architecture and design)
  • Assist in development of security processes and automated tooling that prevent classes of security issues.
  • B. Track and monitor current and trending practices in software engineering and application security, including DevOps/DevSecOps and Agile development practices
  • C. Successful implementation of application testing methodologies for web applications and APIs
  • D. Ability to assess mobile applications on IOS and Android platforms
  • E. Establish and maintain productive relationships with the wider delivery team, practice management, and client management team
  • F. Hold one or more security certifications: CISSP, CSSLP, OSCP, OSWE, OSCE, GPEN, GWAPT, eWPTX
  • G. BA/BS degree preferred in computer science, software engineering, cybersecurity, or mathematics