Job Openings: Application Security Consultant

About the job: Application Security Consultant

Key Qualifications:

  • Provide security consultancy, technical guidance, expertise and solutions.
  • Advise and review application security design to detect potential security issues and for each issue, propose and drive remediation tasks.
  • Help the application team develop and implement security test and verification scripts for testing and validating security controls/issues.
  • Able to engage in and execute security vulnerability scanning activities (VAPT, SAST, DAST, MAST, etc.) and triage security findings.
  • Define scope and review the results of security tests, reviews, and audits to ensure security assurance is achieved.
  • Identify and assess cyber risks in the application and network.
  • Perform threat modelling on security-critical applications.
  • Recommend and drive cyber security solutions and initiatives to improve the cyber security of the organization.
  • Deliver security projects, such as the implementation of security software or a POC of a DevSecOps tool, and create rules/scripts that help identify the latest security issues.
  • Ensure clients' compliance policies/procedures are met through ongoing security reviews, audits, and exercises.

Key Required Skills:

  • CISSP/CCSP/CCSK/OSCP/CSSLP certification or its equivalent is preferred
  • In-depth knowledge of security concepts regarding web, iOS, Android and REST API security. Understanding of current and emerging security technologies and threats.
  • Proficient with methodologies, tools, best practices and processes across various cybersecurity areas.
  • Proven experience with threat modelling and risk analysis.
  • Ability to gather written and verbal information from multiple sources, and assess and consolidate risks to provide appropriate recommendations.
  • Hands-on experience with penetration testing and vulnerability analysis frameworks and tools.

Optional Skills:

  • Familiar with government security posture standards, including planning and running Security Compliance Checks and Security Vulnerability Scanning
  • Familiar with IM8 policies
  • Familiar with SSO, OIDC/SAML and MFA Framework