Application Security Consultant

Job Title: Application Security Consultant

Role Purpose

Ensure enterprise applications meet the organizations security, risk, and compliance standards by embedding security across the SDLC and supporting effective vulnerability management in line with regulatory and internal control requirements.

Key Responsibilities

• Conduct application security assessments across web, mobile, and API-based applications
• Identify security vulnerabilities, assess risk impact, and recommend remediation actions
• Support secure SDLC practices, including threat modeling, code reviews, and security testing
• Perform and support SAST, DAST, and dependency scanning using industry-standard tools
• Collaborate with development, DevOps, risk, and compliance teams to remediate security findings
• Ensure alignment with regulatory requirements, internal security controls, and governance frameworks
• Support audits, penetration testing, and security assurance activities as required

Required Experience & Skills

• Minimum 6 years experience in application security, cybersecurity, or secure software engineering roles
• Strong hands-on experience with OWASP Top 10 and common application security vulnerabilities
• Practical experience using SAST and DAST tools for application security testing
• Solid understanding of secure SDLC principles and DevSecOps practices
• Strong analytical, risk assessment, and problem-solving skills
• Effective communication skills with the ability to engage technical and non-technical stakeholders

Nice to Have

1. Experience within banking or financial services environments
2. Familiarity with regulatory, compliance, and risk frameworks relevant to financial institutions
3. Exposure to cloud security, DevSecOps tooling, or penetration testing activities