Application Tester Security Analyst Madrid / Barcelona

Accenture is seeking Senior Application Security Tester to be assigned to its office located in Madrid or Barcelona (Spain). Applicants must have Computer Science, Telecommunications, Technical Engineering Degree or a related field and full professional proficiency in English and Spanish. Experience in other fields of Information Security (Source Code Review, Security Architecture, Infrastructure Security, SW development, DevSecOps) is desirable.

Selected candidates will take part in Application Security Testing and other Security projects in global & leading companies operating different markets.

#GoSecurity

REQUIREMENTS

•         Candidate must have communication skills, and be able to work on multidisciplinary teams proactively. Experience on participating in meetings with the team and clients.

•         Experience and in-depth knowledge on running security testing, mainly static code analysis and dynamic analysis. Experience on running pentesting is desirable.

•         Experience in Web applications and common vulnerabilities.

•         Experience in developing applications, both Web and scripting.

•         Knowledge on protection of mobile applications, and new IT architectures. Practical experience is desirable.

•         Knowledge in securing APIs.

•         Knowledge or experience in management and definition of security in the software development lifecycle (SDLC).

•         Experience with OWASP Testing Guide v3 / 4 and OWASP TOP 10.

NICE TO HAVE

•         Experience in securing APIs.

•         Knowledge of SOA security.

•         Knowledge of the WS-Security standard.

•         Knowledge in Micro-service security.

•         Knowledge of Waterfall and Agile development methodologies.

•         Knowledge or experience in defining and capturing security requirements in applications.

•         Other languages.

QUALIFICATIONS

•         Technical / Senior Engineer in Computer Science or Telecommunications with at least 2 years of experience in application security testing

•         Valuable certifications such as CSSLP, CISSP, CEH among other.

RESPONSIBILITIES

•         Running security testing (static code analysis, dynamic analysis and pentesting)

•         Provide feedback and support to developers on the best mechanism to solve findings.

•         Reporting of vulnerabilities found on testing.

•         Participate actively on R&D projects. Research and build new approaches to create the next AppSec Testing generation solution.

•         Participate on the definition of applications security architecture elements.

•         Participate on the definition and documentation of security requirements for applications (web, mobile, host, SOA, etc.)

•         Participation on the definition of the secure software development life cycle

•         Build PoC with clients to determine best tools to be implemented

•         Collaboration on managing Threats and Vulnerabilities lifecycle on client environment

•         Participate on security trainings

#GoSecurity