The Application Security Consultant is responsible for, but not limited to, the following:
• Work with Head of Application Security to develop Security standards
• Partner with product specialist to write new standards to feed into product development e.g. encryption, key management, coding standards
• Work with program specialist and other functions (e.g. PMO) to develop and deploy process to ensure projects are assessed from the beginning and requirements are delivered.
• Working with businesses, SMEs and project management to ensure security requirements are understood and implemented as part of the project lifecycle. The responsibilities also include staying with the project through the cycle (from inception to product implementation) and validating the implementation, as needed.
• Partner with businesses and technology to research and provide security guidance for strategic projects involving new technologies or concepts (e.g. moving a core application to cloud, or developing mobile application, new authentication technology, encryption techniques or technologies, etc.). The position requires on-going partnership (vs. one time guidance) to build environments and deploy technologies in a secure manner and mitigating risks beforehand – truly positioning security as an enabler of business
• Bachelor’s degree in computer science or relevant field or equivalent demonstrable experience
• 7+ years of experience in security field specially around security assessments or audit field
• CISSP required.
• CISA, CISM, PCI QSA or comparable certifications preferred but not required.
• Must have a strong technical background with prior hands-on experience a plus
• Must have demonstrable experience and strong understanding of technologies in one or more of the following areas: advanced authentication technologies, Cloud security, mobile app development and security, SAML, switching and routing, network and end point security technologies.
Talent Acquisition Specialist