Accenture España
Application Security Testing Consultant
Accenture España, Villa Espana Colonia, Texas, United States
Join to apply for the
Application Security Testing Consultant
role at
Accenture España
Accenture, recognized as a Great Place To Work®, is a leading global professional services company that helps major businesses, public administrations, and other organizations around the world develop their digital core, optimize their operations, accelerate revenue growth, and improve services for citizens, creating tangible value at speed and scale.
Would you like to be part of a team of over 19,000 cybersecurity specialists worldwide? Accenture has an opportunity for you to join our Cybersecurity team.
We are looking for an
Application Security Testing
consultant to take part in Application Security and other Security projects in global & leading companies operating different markets.
Responsibilities and recurring main tasks
Help managing a group of people and projects.
Definition, implementation and execution of security testing processes into software development life cycle.
Validation of applications security architecture elements.
Documentation of security requirements for applications (web, mobile, SOA, etc.) alignment with security testing processes.
Obtain and validate measurement of KPI and KRI related to security in applications.
Build PoC with clients to determine best security testing tools to be applied.
Vulnerability lifecycle management on client environment.
Collaborate with clients to define best approach to maximize the security posture.
Core Skills (Must have)
Experience in conducting security checks (static, software composition and dynamic code analysis, vulnerability analysis in applications and application penetration tests), analyzing test results, documenting risks and recommending countermeasures.
Develop and document security evaluation test plan and procedures.
Assist in researching, evaluating, and developing relevant Information Security policies and guidance.
Actively participate in or lead technical exchange meetings and application review boards, documenting actions items/results of these events.
Develop, assemble, and submit testing results reports that document testing activity and results to support the creation of risk assessments and approval packages.
Assess/calculate risk based on threats, vulnerabilities, and shortfalls uncovered in testing.
Experience in testing APIs security (also related with mobile applications).
Security knowledge in web applications and common vulnerabilities.
Knowledge of security in micro-services and Single Page Applications is valuable.
Valuable Skills (Nice to have)
Static Code Analysis Tools (SAST): Experience with at least one of the following static code analysis solutions: Checkmarx, Veracode, Kiuwan, Fortify, SourceClear, BlackDuck, Nexus, SonarQube.
Software Composition Analysis Tools (SCA): Experience with at least one of the following software compositon analysis solutions as Dependency-Check, SourceClear and/or WhiteSource.
Dynamic Application Analysis Tools (DAST): Experience with at least one of the following dynamic application analysis solutions: Burp Suite, Postman, MobSF, Qualys, Acunetix, Nessus, Webinspect.
Authentication and authorization: Valuable Knowledge on SOA security and security focused on mobile applications (REST, JSON, OpenID, OAuth, WebToken, SSO).
Security standards: Experience with OWASP Testing Guide, OWASP TOP 10 and knowledge of other well-known security standards of the industry: OWASP-M, SEI CERT-J, SEI CERT-C, PCI DSS…
Application Security standards: Experience with OWASP TOP 10, OWASP ASVS, CWE, MITRE, CAPEC, SANS 25.
Valuable certifications
CSSLP, OSCP, OSWE.
Equal Employment Opportunity Statement All employment decisions shall be made without regard to age, race, creed, colour, religion, sex, national origin, ancestry, disability status, veteran status, sexual orientation, gender identity or expression, genetic information, marital status, citizenship status or any other basis as protected by applicable law.
Job candidates will not be obligated to disclose sealed or expunged records of conviction or arrest as part of the hiring process.
Seniority level
Mid-Senior level
Employment type
Full-time
Job function
Consulting, Analyst, and Information Technology
Industries
Business Consulting and Services
IT Services and IT Consulting
Computer and Network Security
Referrals increase your chances of interviewing at Accenture España by 2x
Get notified about new Application Security Consultant jobs in
Spain .
#J-18808-Ljbffr
Application Security Testing Consultant
role at
Accenture España
Accenture, recognized as a Great Place To Work®, is a leading global professional services company that helps major businesses, public administrations, and other organizations around the world develop their digital core, optimize their operations, accelerate revenue growth, and improve services for citizens, creating tangible value at speed and scale.
Would you like to be part of a team of over 19,000 cybersecurity specialists worldwide? Accenture has an opportunity for you to join our Cybersecurity team.
We are looking for an
Application Security Testing
consultant to take part in Application Security and other Security projects in global & leading companies operating different markets.
Responsibilities and recurring main tasks
Help managing a group of people and projects.
Definition, implementation and execution of security testing processes into software development life cycle.
Validation of applications security architecture elements.
Documentation of security requirements for applications (web, mobile, SOA, etc.) alignment with security testing processes.
Obtain and validate measurement of KPI and KRI related to security in applications.
Build PoC with clients to determine best security testing tools to be applied.
Vulnerability lifecycle management on client environment.
Collaborate with clients to define best approach to maximize the security posture.
Core Skills (Must have)
Experience in conducting security checks (static, software composition and dynamic code analysis, vulnerability analysis in applications and application penetration tests), analyzing test results, documenting risks and recommending countermeasures.
Develop and document security evaluation test plan and procedures.
Assist in researching, evaluating, and developing relevant Information Security policies and guidance.
Actively participate in or lead technical exchange meetings and application review boards, documenting actions items/results of these events.
Develop, assemble, and submit testing results reports that document testing activity and results to support the creation of risk assessments and approval packages.
Assess/calculate risk based on threats, vulnerabilities, and shortfalls uncovered in testing.
Experience in testing APIs security (also related with mobile applications).
Security knowledge in web applications and common vulnerabilities.
Knowledge of security in micro-services and Single Page Applications is valuable.
Valuable Skills (Nice to have)
Static Code Analysis Tools (SAST): Experience with at least one of the following static code analysis solutions: Checkmarx, Veracode, Kiuwan, Fortify, SourceClear, BlackDuck, Nexus, SonarQube.
Software Composition Analysis Tools (SCA): Experience with at least one of the following software compositon analysis solutions as Dependency-Check, SourceClear and/or WhiteSource.
Dynamic Application Analysis Tools (DAST): Experience with at least one of the following dynamic application analysis solutions: Burp Suite, Postman, MobSF, Qualys, Acunetix, Nessus, Webinspect.
Authentication and authorization: Valuable Knowledge on SOA security and security focused on mobile applications (REST, JSON, OpenID, OAuth, WebToken, SSO).
Security standards: Experience with OWASP Testing Guide, OWASP TOP 10 and knowledge of other well-known security standards of the industry: OWASP-M, SEI CERT-J, SEI CERT-C, PCI DSS…
Application Security standards: Experience with OWASP TOP 10, OWASP ASVS, CWE, MITRE, CAPEC, SANS 25.
Valuable certifications
CSSLP, OSCP, OSWE.
Equal Employment Opportunity Statement All employment decisions shall be made without regard to age, race, creed, colour, religion, sex, national origin, ancestry, disability status, veteran status, sexual orientation, gender identity or expression, genetic information, marital status, citizenship status or any other basis as protected by applicable law.
Job candidates will not be obligated to disclose sealed or expunged records of conviction or arrest as part of the hiring process.
Seniority level
Mid-Senior level
Employment type
Full-time
Job function
Consulting, Analyst, and Information Technology
Industries
Business Consulting and Services
IT Services and IT Consulting
Computer and Network Security
Referrals increase your chances of interviewing at Accenture España by 2x
Get notified about new Application Security Consultant jobs in
Spain .
#J-18808-Ljbffr