This listing has expired.
Senior Application Security Consultant
Responsibilities:
- Lead engagements from start to completion, working closely with internal and external teams.
- Provide application security services including design review and pen-testing of web, mobile, or desktop applications using automation tools as well as manual methods.
- Create and deliver application security design documents and risk assessment reports.
- Design application security solutions to meet clients’ needs.
- Review issues identified and related remediation with clients and assist with implementation.
- Work closely with client’s development teams and assist with secure development activities
- Champion cross-domain collaboration and coordination of security efforts.
- Provide Application Security subject matter expertise, peer reviews, and mentorship.
- Assist with Cloud Infrastructure security and engagements in other domains as appropriate.
- Contribute to Forward Security’s growth and role as an industry leader by delivering best-in-class services.
- Assist with technical sales of application security and other services.
- Identify areas for process improvement and automation, and aid in efforts to implement the recommendation as appropriate.
- Provide regular updates to Forward Security leadership on key activities, metrics, accomplishment, and blockers.
- Partake in educational activities including attending appropriate training and conferences.
Requirements
- Bachelor’s degree in Computer Science, Computer Engineering or equivalent.
- 3+ years of work experience in an Information Security role, with min. 2 year in Application Security.
- 2+ years of modern software development experience (API expertise is a plus).
- Strong understanding of secure software design, development methodologies, and principles.
- Good knowledge of programming languages such as Java, JavaScript, C#, Python, or C/C++, as well as related application development frameworks.
- Ability to identify and protect against web and mobile applications security vulnerabilities including those found in the OWASP Top 10 and CWE Top 25.
- Experience with static and dynamic security analysis tools, as well as black-box and white-box methodologies.
- Knowledgeable of tactics, techniques, and procedures used for software security exploitation.
- Experience with application security architecture, design consulting, and risk assessment using industry leading processes and methodologies.
- Ability to create and execute test plans and provide supporting documentation and metrics.
- Knowledge of authentication and authorization protocols such as OpenID, OpenID Connect, OAuth, and SAML, as well as applied cryptography.
- Familiarity with cloud platforms and automated security assessment tools
- Contributions to the security community such as research, presentations, public CVEs, bug-bounty recognitions, open-source projects, and blogs or publications.
- Highly motivated, self-starter, team player, and driven to overcome obstacles.
- Excellent communication and executive-level presentation skills.
- Passionate about software and security with an Ethical Hacker mindset.