Accenture is seeking Senior Application Security Tester to be assigned to its office located in Madrid or Barcelona (Spain). Applicants must have Computer Science, Telecommunications, Technical Engineering Degree or a related field and full professional proficiency in English and Spanish. Experience in other fields of Information Security (Source Code Review, Security Architecture, Infrastructure Security, SW development, DevSecOps) is desirable.
Selected candidates will take part in Application Security Testing and other Security projects in global & leading companies operating different markets.
• Candidate must have communication skills, and be able to work on multidisciplinary teams. Experience on conducting meetings both internal and external teams as well as clients.
• Experience and in-depth knowledge on running security testing, mainly static code analysis and dynamic analysis. Experience on running pentesting is desirable.
• Experience on protection of mobile applications, and new IT architectures. Practical experience is desirable
• Experience in Web applications and common vulnerabilities.
• Experience in developing applications, both Web and scripting.
• Experience in securing APIs
• Knowledge or experience in management and definition of security in the software development lifecycle (SDLC)
• Knowledge of Waterfall and Agile development methodologies
• Knowledge or experience in defining and capturing security requirements in applications
• Experience with OWASP Testing Guide v3 / 4 and OWASP TOP 10
NICE TO HAVE
• Knowledge of SOA security
• Knowledge of the WS-Security standard
• Knowledge in Micro-service security. Experience is desirable
• Integration of SAST & DAST tool on the SDLC.
• Experience on delivering security trainings.
• Other languages
• Technical / Senior Engineer in Computer Science or Telecommunications with at least 4 years of experience in application security testing
• Certifications such as CSSLP, CISSP, CEH, OSCP.
• Experience on running security testing (static code analysis, dynamic analysis and pentesting)
• Manage clients and team expectations.
• Provide feedback and support to developers on the best mechanism to solve findings.
• Reporting of vulnerabilities found on testing.
• Participate actively on R&D projects. Research and build new approaches to create the next AppSec Testing generation solution.
• Definition of applications security architecture elements.
• Definition and documentation of security requirements for applications (web, mobile, host, SOA, etc)
• Participation on the definition of the secure software development life cycle
• Participation on definition of KPI and KRI related to security in applications
• Build PoC with clients to determine best tools to be implemented
• Collaboration on managing Threats and Vulnerabilities lifecycle on client environment
• Participate and/or run security training
Selecciona abajo la región que te interesa y recibe ofertas que se adapten a tu perfil en tu correo electrónico.