Job Summary:
We are seeking an experienced Application Security Consultant with expertise in Application Security and DevSecOps implementation to join our firm.
Responsibilities:
- Provide security consultancy, technical guidance, and solutions.
- Review application security design, detect potential issues, and drive remediation tasks.
- Assist application teams in developing and implementing security test scripts.
- Conduct security vulnerability scanning activities (VAPT/SAST/DAST/MAST) and triage findings.
- Define scope and review results of security tests, audits, and reviews for assurance.
- Identify and assess cyber risks in applications and networks.
- Perform threat modelling on security-critical applications.
- Recommend and drive cyber security solutions and initiatives.
- Deliver security projects, including software implementation and DevSecOps tool POC.
- Ensure compliance with clients' policies through security reviews and audits.
Requirements:
- Strong understanding of application vulnerabilities (e.g., OWASP Top 10), with the ability to provide mitigation and remediation steps.
- Proficient in Application Threat Modelling and conducting Secure Design Reviews.
- Expertise in DevSecOps implementation, assisting developers in understanding reported vulnerabilities.
- Optional Skills: Familiarity with Government security standards, Security Compliance Checks, Security Vulnerability Scanning, IM8 policies, SSO, OIDC/SAML, MFA Framework.
This role is on an initial contract basis of 12 months.