Application Security Consultant

Organization description

This organization has the most prestigious application security projects and engagements available. 

Function description

In various projects you are responsible for the security of all kinds of applications and for the Secure Software Development Life Cycle (SSDLC). You are capable of executing the technical part as well as the consulting part.

Topics and type of engagements you can expect to work on:

  • Manual security code reviews.

  • API security.

  • Static and dynamic application security testing using tooling such as Checkmarx, Fortify, WebInspect, Veracode, and others.

  • Building security into the software development life cycle and Agile SCRUM sprints.

  • Security within continuous integration, development and release processes.

  • Providing secure coding training to customers.

  • Vulnerability management.

Role-related activities

  • Directing team members in terms of content and professional skills.

  • Be able to communicate a strong vision to clients regarding SSDLC.

  • End to end project management of SSDLC related projects.

  • Perform a QA role on project deliverables and provide a high-quality result.

  • Financial monitoring of projects you manage.

  • Advise customers and propose technical solutions that fit within the customer environment and that might be integrated with other services.

  • Manage relations with the market, suppliers and SSDLC security expert groups.

  • Be proactive in business development and the acquisition of new projects, and in your field of expertise.

  • Adding value to commercial processes and expanding the network of senior stakeholders at their clients.

What the client requests

Candidates should have at least a Bachelor's degree in Computer Science or similar and a drive to keep developing themselves. Education as a professional never stops, and they expect their professionals to keep developing themselves and to stay up to date with current techniques and new vulnerabilities. In exchange, they provide an extensive training and development program and access to conferences. They welcome you in their Capture the Flag team. They expect an understanding of security concepts (e.g. OWASP, SANS, CVE) and experience and passion in software engineering (coding background).

What are they looking for?

  • Minimum 3 years of relevant work experience.

  • Knowledge of secure software development processes, such as SAMM, BSIMM, ISO27034.

  • Extensive experience in conducting and managing SSDLC projects.

  • Good communication skills (spoken and written), and the ability to lead a project, head teams and build good business relations.

  • A holistic understanding of security and a good overview of all aspects within security (prevention, detection and response); relevant certifications (such as GICSP, CISSP, CISM) add value.

  • A team player who is eager to collaborate, both with experts in their own field and with experts from other departments, on the best solutions for their customers.

  • Experience in working in a commercial environment is a plus.

  • Stress-resistant, flexible and accurate.

What the client offers

A great career boost, a knowledge boost, great colleagues and the most prestigious projects available. Totally not overrated! 


Hours per week: 40
Level: Medior, Senior