This job posting is archived and is no longer available.

Application Security Risk Consultant

Posted by Hyphen

Skills sought: Consultant, Client


Hyphen Outsourcing are looking for an Application Security Risk Consultant to work for a FTSE 100 client based in Reading, Berkshire, with some travel to London.

Start date June 2013

Duration 4 months

Financial Services

* Experienced in Information Security


* Experienced Risk Consultant/Applications Risk Consultant

* Experience of leading risk assessments or audits (application and infrastructure)

A leading financial services organisation is looking for an experienced Application Security Consultant to perform a security controls assessment across key applications and infrastructure. The candidate will demonstrate experience in leading security assessments and reviews using both technical and non-technical methods, gathering and collecting evidence, and presenting risk-prioritised findings to key stakeholders. They will ideally have come from an application security consultancy background or have previously performed the role of an assessor, auditor or security tester, with a solid understanding of information security best practice principles, SDLC concepts, and common vulnerabilities such as the OWASP Top 10.

Key Responsibilities

Measure application compliance against defined security controls, working closely with the technical team, collecting report data/MI and best practice, and presenting technical findings in visual displays/pivot tables. Be able to identify gaps; possibly come from a development or penetration testing background, with a good spread of skills.

Discuss findings with the SMEs to define appropriate actions to reduce the risk exposed by the failing control. Formally drive and track remedial actions and manage them with the system or development team.

Work closely with the Security Architect to help maintain Application Security Baselines, with the ability to interpret the results of application and infrastructure penetration tests.

Liaise with internal/external auditors when appropriate

Key Skills

Risk Management methodologies, i.e. IRAM

ISO27001/2 Controls Knowledge.

Exposure to OSSTMM, CVSS, CWE, OWASP Top 10

Strong written and verbal communication skills to both technical and non-technical audiences.

Good presentation skills and Security Assessment Report writing skills to summarise key findings, conclusions, and recommendations.

Hy-phen Limited is acting as an Employment Business in relation to this vacancy.

