Tuesday, October 7, 2014

Application Security Consultant

Application Security Consultant (job# 8014 & 8073) – Foster City, CA
(approx. 3-6 month contract + likely extension)

Duties / Responsibilities:
-This candidate will join Global Information Security and will help drive the successful adoption of Secure Software Development Lifecycle practices across the product development teams and help build foundational application security capabilities.
- Help define consistent Secure Software Development Lifecycle practices for all the technology projects throughout the planning and delivery cycles that assure that investments in IT generate business value and mitigate the risks associated with information security 
- Ensure end-to-end security of the products by hands on testing, hypothesizing threats, helping development teams, remediating risks upfront and championing secure implementation efforts
- Improve secure coding practices, application security requirements, automation, training, and metrics. 
- Integrate threat modeling practices into the Software Development Lifecycle.
- Help build secure products and standards around emerging technologies and fields lacking existing standards and security practices
- Help to define simplified security metrics approach that enables executive leaders, line leaders, and operational staff to quickly take action on application security related risks.  
- Develop and optimize processes to improve software development efficiency in the consumption of security development practices. 

TOP REQUIREMENTS / MUST-HAVE’s:                   
- Minimum of 4-7 years’ experience within technology, information security, and/or application development.
- Programming language knowledge within C#, C++, and .NET is a MUST (no coding required, but must be able to review and read code to offer suggestions).
- Familiarity with Waterfall and Agile development processes and have experience integrating secure development practices into both models; Agile SDLC processes and PMO reengineering.
- Undergraduate degree in Computer Science, Electrical Engineering or a related technical discipline; advanced degree preferred.
- PREFERRED understanding of OWASP Top 10 and CWE 25 (with proven track record and experience in implementing and integrating remediation strategies).

Jennifer Whittle
Senior Technical Recruiter
Linking Talent with Opportunity
Direct:  925.627.4942

Web: ascentsg.com
Twitter: @jwhit_ascentsg / 
Facebook: Ascent Services Group
LinkedIn: Ascent Services Group