Line of Service
Internal Firm Services
IFS - Network Management
Job Description & Summary
A career in our Application Security Code Reviewer, within Cybersecurity and Privacy services, will provide you with the opportunity to help our clients implement an effective cybersecurity programme that protects against threats, propels transformation, and drives growth. As companies pivot toward a digital business model, exponentially more data is generated and shared among organisations, partners and customers. You’ll play an integral role in helping our clients ensure they are protected by developing transformation strategies focused on security, efficiently integrate and manage new or existing technology systems to deliver continuous operational improvements and increase their cybersecurity investment, and detect, respond, and remediate threats.
Our team helps organisations transform their governance, risk, and compliance activities into a tool that is able to anticipate and mitigate risk to drive business performance. In joining, you’ll develop risk management solutions, compliance and ethics controls, business continuity planning, internal audit procedures, and a compliance framework.
- Support application security service onboarding
- Support development team to perform application vulnerability assessments and document vulnerabilities which were found and provide recommendations for remediation according to company guidelines and industry best practices
- Support Integration of static and/or dynamic code analysis tools into SDLC
- Provide guidance to application groups on application security best practices
- Support application security assessment result review and mitigation approval
- Support remediation effort and track open issues and follow up to ensure remediation
- 3+ years experience in application security / application development & builder.
- Bachelor's degree in Computer Science or Engineering or equivalent evidence of aptitude Solid understanding of common web application technologies and languages
- Understanding of Threat modeling and attack vector analysis
- Experience in application security assessment tools such as Veracode, Fortify or others.
- Knowledge of the OWASP Testing Framework and OWASP Top 10
- Ability to understand security assessment report and identify false positive and security issues
- Methodical and organized; able to manage multiple opportunities, projects, and partners concurrently
- Able to multi-task and work independently with minimum supervision to meet firm deadlines
- Performs other special projects or duties as assigned
English Level: Intermediate / Advanced
Education (if blank, degree and/or field of study not specified)
Degrees/Field of Study required:
Degrees/Field of Study preferred:
Certifications (if blank, certifications not specified)
Desired Languages (If blank, desired languages not specified)
Available for Work Visa Sponsorship?
Government Clearance Required?
Job Posting End Date