Application Security ConsultantCompany:
Lowell Group Location:
Main purpose of job
Reporting to the UK Head of Application Services, the security consultant is to create a SDLC and embed within the wider change management framework
Gap analysis of Lowells current SDLC approach against best practice.
Define the roles and responsibilities for secure development and testing
Develop the plan of improvement and deliver
Update and publish standards, processes and procedure for secure development
Select and implement tools for code analysis
Develop MI and appropriate KRIs associated with identification and resolution
Develop a training and awareness plan for Lowell staff and deliver
Develop testing checklists around Information Gathering, Configuration and Deployment testing, Identity management testing, authentication testing, Data Validation, Error Handling, Cryptography etc
Develop a threat model
Develop functional and non-functional test requirements
Awareness of network security, solution design, testing framework and functional code
Deep technical understanding of common security vulnerabilities and risks, as well as countermeasures and compensating controls
5 (or more) years of demonstrated experience in product development, strategy, and market research
Previous professional information security experience, with penetration testing or "breaker" experience. CEH, CHFI preferable.
Experience of working in waterfall and agile lifecycles.
Business and Personal Leadership/skills and attitudes
Listens in order to clarify information; sends both written and verbal messages in a clear manner uses clear language and avoids jargon
Takes a systematic approach to solving problems rather than reacting to symptoms.
Recognizes problems as they arise and uses good judgement and common sense to resolve issues and uses experience and knowledge to detect work related problems.
Team Work and Co-operation
Demonstrates a strong willingness to work closely with colleagues or with other employees towards a common goal as opposed to working in competition with others or in silo. Regularly informs other team members of both the events or issues and the ability to process and collate collective actions affecting the group. Supports the teams decisions and is open to being flexible towards ideas put forward by others.
Strong presence and personal credibility with stakeholder management skills.
Influencing skills at all levels and ability to challenge and change behaviours at a senior level
Highly motivated to add value, deliver and exceed expectations.
Highly flexible team working approach within a matrix structure
Strong professionalism with high standards surrounding quality of work output.
Ability to quickly build strong relationships to deliver successful results.
Resilient problem solver with strong ability to tackle difficult situations appropriately and sensitively.
Ability to build effective working relationships at all levels of the business and adaptable to different business cultures.
Ability to adapt within a fast paced and changing environment and embrace new challenges within the relevant business areas.
Other recent jobs in Leeds