Location: Leeds, United Kingdom
Date Posted: April 13, 2018
The Application Security Consultant will focus on delivering an overarching review of the code base, practices and SDLC currently in place, in order to suggest suitable enhancements.
Gap analysis of current SDLC approach against best practice.
Define the roles and responsibilities for secure development and testing
Develop the plan of improvement and deliver
Update and publish standards, processes and procedure for secure development
Select and implement tools for code analysis
Develop MI and appropriate KRIs associated with identification and resolution
Develop a training and awareness plan for staff and deliver
Develop testing checklists around Information Gathering, Configuration and Deployment Testing, Identity Management Testing, Authentication Testing, Data Validation, Error Handling, Cryptography, etc.
Develop a threat model
Develop functional and non-functional test requirements
Awareness of network security, solution design, testing framework and functional code
Deep technical understanding of common security vulnerabilities and risks, as well as countermeasures and compensating controls
5 (or more) years of demonstrated experience in product development, strategy, and market research
Experience of working in waterfall and agile lifecycles.
Business and Personal Leadership/skills and attitudes