Vakante Jobangebote finden Sie unter Projekte.
Application Security Consultant
Eingestellt von Hyphen
Gesuchte Skills: Consultant, Client
Projektbeschreibung
Start date June 2013
Duration 4 months
Financial Services
* Experienced in Information Security
* OWASP
* Experienced Risk Consultant/Applications Risk Consultant
* Experience of leading risk assessments or audits (application and infrastructure)
A leading financial services organisation is looking for an experienced Application Security Consultant to perform a security controls assessment across key applications and infrastructure. The candidate will demonstrate experience in leading security assessments and reviews using both technical and non technical methods, gathering and collecting evidence, and presenting risk prioritised findings to key stakeholders. They will have ideally come from a applications security consultancy background or has previously performed the role of an assessor, auditor or security tester with a solid understanding of information security best practice principles and SDLC concepts, and common vulnerabilities such as OWASP Top 10.
Key Responsibilities
To Measure application compliance against defined security controls, working closely with technical team, collecting reports data/MI, best practice and present technical findings in a visual display/pivot tables. Be able to identify gaps and possibly to come from a development or penetration testing background, good spread of skills.
Discuss findings with the SME's to define appropriate actions to reduce risk exposed by the failing control. Formally drive and track remedial actions and manage with system or development team.
work closely with Security Architect to help maintain Application Security Baselines and the ability to interpret the results of application and infrastructure penetration tests.
Liaise with internal/external auditors when appropriate
Key Skills
Risk Management methodologies ie IRAM
ISO27001/2 Controls Knowledge.
Exposure to OSSTM, CVSS, CWE, OWASP Top 10
Strong written and verbal communication skills to both technical and non-technical audiences.
Good Presentation skills and Security Assessment Report writing skills to summarise key findings, conclusion, and recommendations.
Hy-phen Limited is acting as an Employment Business in relation to this vacancy.
Projektdetails
-
Einsatzort:
Reading, Vereinigtes Königreich
-
Projektbeginn:
asap
-
Projektdauer:
Keine Angabe
- Vertragsart:
-
Berufserfahrung:
Keine Angabe
Geforderte Qualifikationen
-
Kategorie:
IT Entwicklung, Organisation/Management