About the Client
Our Client is an internal IT service provider for company operating in 220 countries.
About the Role
Our Client is looking for an experienced and passionate Consultant, Information Security (Applications) to join their Information Security Services team.
The team’s mission is to predict and prevent incidents by identifying and helping to remediate security threats and weaknesses IT portfolio, emphasizing on applications & services.
Being part of this team, you will provide end-to-end security consultancy on application layer, building security into our IT solutions from very beginning. The projects will seek your advice and support along the risk position of the service in its lifecycle.
Your work is essential to protect group’s information assets in a dynamic threat landscape by secure design. To achieve this, you will be interacting with their business colleagues, their solution architects and developers, to name a few.
• Support projects along the secure development lifecycle in all security related matters
• Provide consultancy and review on secure architectures
• Run penetration tests and facilitate risk based decision making, propos mitigation for issues identified
• Be subject matter expert for identity and access management within application security consultancy
• Participate on change and external link management processes by doing technical security reviews
• Communicate regularly to our stakeholders about risk position and mitigation
• Participate on change and configuration management by doing technical security reviews
• Assist and train junior team members
• Prior knowledge in penetration testing tools such as Burp Suite, App Scan & OWASP ZAP
• At least 5 years of experience in end to end application consultancy
• Up-to date knowledge about current architecture patterns and application stacks used in application development
• Experienced in mobile application penetration testing
• Communication and time-management skills
• Ability to adapt to dynamic threat landscape in a global environment
• Ability to work unsupervised, under pressure and meet deadlines
• Creative with strong commitment to quality and excellence
• Educated to degree level in IT Security, Engineering or equivalent
• Strong analytical skills and efficient problem solving
• Fluency in English
Nice to Have Skills
• Certifications like GIAC family, CISSP, CISA, CEH, CompTIA Security+ or similar
• DevSecOps experience related to application deployments
• Experience with cloud technologies
• Mobile application framework