APPLICATION SECURITY MANAGING CONSULTANT

05-22-2012

APPLICATION SECURITY MANAGING CONSULTANT

JerseyCity, New Jersey

Accuvantis seeking an Application Security Managing Consultant to lead the application security program in a large international enterprise.

Contract Length:

6 months

The analyst will be responsible for the following:

- Lead a team of application security specialists.

- The Application Security Managing Consultant will develop, implement,and manage software security controls in the software development lifecycle (SDLC).

 

Position Requirements:

No clearance required

 

Desired Education:

Bachelor's degree preferred

 

Desired Experience:

6-8 years of experience creating best-practice processes and implementing application security programs within large enterprises inclusive of:

- Threat modeling, including profiling an application, identifying threats, and developing test cases to target identified threats.

- Leading staff in application vulnerability testing and code review,issue tracking and issue resolution.

- Communicating the business impact of identified vulnerabilities and report on mitigation steps and progress.

- Managing the way in which metrics are gathered and tracked in the application vulnerability reporting and remediation process.

- Optimization of the application vulnerability scanning process involving tools such asAppScan, NTO Spider and WebInspect.

- Providing direction for the static analysis and code review activities involving tools such as Ounce, Fortify and AppScan Source Edition .

-Leverage development experience in Java/.NET/C and C++/shell scripting in the application vulnerability identification and remediation process, and the creation of specialized scripts and utilities.

- Advanced understanding of web architecture and protocols (HTTP(S), TCP/IP,ARP, SMTP, DNS, etc).

- Advanced understanding of common software security issues and remediation techniques (OWASP top 10, SANS top 25, etc)

- Very strong written and verbal communications skills

- Very strong project management and leadership skills

- Ability to manage technical resources.

 

Desired Certifications:

- Certified Secure Software Lifecycle Professional (CSSLP) preferred.

Apply