Beschreibung
Unser Unternehmen ist ein strategisches Beratungsunternehmen mit Fokus auf den Energie- und Versorgungssektor, dessen Dienstleistungsschwerpunkt auf die Bereiche Business Intelligence- Lösungen, Compliance- & Investitionssicherheit sowie Prozess- und Projektmanagement gerichtet ist. Für unser Kunden-Projekt suchen wir ab SOFORT eine/nConsultant - Application Security (m/w)
Start ASAP bis 29. April 2016; Verlängerung möglich
Volumen 480 Stunden Onsite
Languages: English and German language skills fluent up to board level
Location: Hanover
Travelling: Across EU majorly (at the moment don’t see any travel outside of EU) Budget 120 hours
Tasks:
The Application Security Specialist/Consultant will be the lead technical resource for security of all applications which are both internally and externally developed as well as the ones hosted on cloud/SaaS platforms.
Actively manage the application security activities associated with secure software development cycle to address existing and evolving risks and threats.
Hold regular meetings with development teams to review overall application security status
Identify and help application developers remediate potential security flaws.
Work closely with development teams to remediate application vulnerabilities detected through security scanning tools.
Provide technical consulting to management, business users, security champions, and technical associates to assure that applications are secure.
Provide and/or organize appropriate application security training and awareness for technical and non-technical staff.
Liaise with architects, developers, and operations to ensure that the Secure SDLC is followed.
Ensure Security is integrated into the Software Development Lifecycle (SDLC) by performing assessments of Secure SDLC activities in projects.
Identify and document innovation topics with respect to application security
Review and update application security documentation regularly (e.g. application security design and secure coding guidelines)
Work with vendors to support new and existing tools and environments
Schedule and lead regular security reviews and tests
Work with the development teams, configuration management, and release management teams to include security reviews and scans as part of the regular code releases.
Conduct research into new technologies, including tools, components, and frameworks.
Project, task management and reporting as necessary.
Make presentations to management, clients, and peer groups as and when required.
Fach-Skills:
Must have a Bachelor’s degree in Computer Science or related field and 5 or more years' experience in application security.
Secure SDLC and language specific security coding knowledge required
Significant experience in IT Architecture, Software Development and the IT Security sector as a whole
Documented knowledge of experience in AppSec and Mobile/Cloud based Applications
Familiar with OWASP, security code review, threat modeling, application penetration assessment and testing.
English and German language skills fluent up to board level
Bewerbung und Kontakt:
Sollten wir Ihr Interesse geweckt haben, dann freuen wir uns auf die Übersendung Ihres aussagekräftigen Profils unter der Angabe Ihres Stundensatzes und Verfügbarkeit.
Herzlichen Dank im Voraus und mit besten Grüßen