Accenture is seeking Application Security Consultants to be assigned to its office located in Madrid or Barcelona (Spain).
Applicants must have Computer Science, Telecommunications or Engineering Degree or a related field and full professional proficiency in English and Spanish.
Experience and / or knowledge in other fields of Information Security (Secure development, DevSecOps, Secure Software Design) is valuable.
Selected candidates will take part in Application Security and other Security projects in global & leading companies operating different markets#GoSecurity QUALIFICATIONSEngineer in Computer Science or Telecommunications with experience in performing application security testing.
Valuable certifications such as CSSLP, CISSP, CEH, OSCP, etc. REQUIREMENTSExperience in management and definition of security in the software development lifecycle (SDLC)General knowledge in at least one of the most enterprise-used programming languages as Java, C# .
NET, Python, etc.Experience in SAST solutions such as Fortify or Checkmarx.Experience in SCA (Software Composition Analysis) such as Dependency-Check, SourceClear and / or WhiteSource.
Experience in conducting security checks (static and dynamic code analysis, vulnerability analysis in applications and application penetration tests)Experience with OWASP Testing Guide and OWASP TOP 10Knowledge of other well-known security standards of the industry : OWASP-M, SEI CERT-J, SEI CERT-C, PCI, HIPAA and ISO 27001 are valuableExperience in testing APIs securitySecurity knowledge in web applications and common vulnerabilitiesKnowledge of SOA securityKnowledge of security focused on mobile applications (REST, JSON, OpenID, OpenAuth, WebToken, SSO)Knowledge of security in micro-services and Single Page Applications is valuable RESPONSIBILITIESManage group of people and projectsDefinition of security testing processes into software development life cycleDefinition of applications security architecture elementsDefinition and documentation of security requirements for applications (web, mobile, SOA, etc.
Definition and measurement of KPI and KRI related to security in applicationsBuild PoC with clients to determine best tools to be implementedVulnerability lifecycle management on client environmentCollaborate with clients to define best approach to maximize the security posture #GoSecurity