Application Security Managing Consultant

Location:

Jersey City, New Jersey

Duration: 6 months

Accuvantis is seeking an Application Security Managing Consultant to lead the application security program in a large international enterprise.

The analyst will be responsible for:

• Leading a team of application security specialists.
• Developing, implementing, and managing software security controls within the software development lifecycle (SDLC).

• No security clearance required.
• Bachelor's degree preferred.

• 6-8 years of experience in creating best-practice processes and implementing application security programs in large enterprises, including:
• Threat modeling, profiling applications, identifying threats, and developing test cases.
• Leading staff in vulnerability testing, code review, issue tracking, and resolution.
• Communicating the business impact of vulnerabilities and reporting mitigation steps.
• Managing metrics for vulnerability reporting and remediation.
• Optimizing vulnerability scanning processes with tools like App Scan, NTO Spider, and Web Inspect.
• Providing direction for static analysis and code review with tools such as Ounce, Fortify, and App Scan Source Edition.
• Leveraging development experience in Java, .NET, C, C++, and shell scripting for vulnerability identification and creating utilities.
• Having an advanced understanding of web architecture and protocols (HTTP(S), TCP/IP, ARP, SMTP, DNS, etc.).
• Having an advanced understanding of common security issues and remediation techniques (OWASP Top 10, SANS Top 25).
• Excellent written and verbal communication skills.
• Strong project management and leadership abilities.
• Ability to manage technical resources.

• Certified Secure Software Lifecycle Professional (CSSLP) preferred.