Application Security Analyst/Consultant - Validation en Madrid

Accenture is seeking Application Security Consultants to be assigned to its office located in Madrid or Barcelona (Spain).

Applicants must have Computer Science, Telecommunications or Engineering Degree or a related field and full professional proficiency in English and Spanish. Experience and/or knowledge in other fields of Information Security (Secure development, DevSecOps, Secure Software Design) is valuable.

Selected candidates will take part in Application Security and other Security projects in global & leading companies operating different markets

#GoSecurity

QUALIFICATIONS

Engineer in Computer Science or Telecommunications with experience in performing application security testing.

Valuable certifications such as CSSLP, CISSP, CEH, OSCP, etc.

REQUIREMENTS

Experience in management and definition of security in the software development lifecycle (SDLC)

General knowledge in at least one of the most enterprise-used programming languages as Java, C# .NET, Python, etc.

Experience in SAST solutions such as Fortify or Checkmarx.

Experience in SCA (Software Composition Analysis) such as Dependency-Check, SourceClear and/or WhiteSource.

Experience in conducting security checks (static and dynamic code analysis, vulnerability analysis in applications and application penetration tests)

Experience with OWASP Testing Guide and OWASP TOP 10

Knowledge of other well-known security standards of the industry: OWASP-M, SEI CERT-J, SEI CERT-C, PCI, HIPAA and ISO 27001 are valuable

Experience in testing APIs security

Security knowledge in web applications and common vulnerabilities

Knowledge of SOA security

Knowledge of security focused on mobile applications (REST, JSON, OpenID, OpenAuth, WebToken, SSO)

Knowledge of security in micro-services and Single Page Applications is valuable

RESPONSIBILITIES

Manage group of people and projects

Definition of security testing processes into software development life cycle

Definition of applications security architecture elements

Definition and documentation of security requirements for applications (web, mobile, SOA, etc.).

Definition and measurement of KPI and KRI related to security in applications

Build PoC with clients to determine best tools to be implemented

Vulnerability lifecycle management on client environment

Collaborate with clients to define best approach to maximize the security posture

#GoSecurity