Software Application Security Consultant / Contractor £NEG REF 672 test

Location Leeds, United Kingdom
Date Posted April 13, 2018
Category Analysis
Job Type Contractor
Salary £NEG

Description

The Application Security Consultant will focus on delivering an overarching review of the code base, practices and SDLC currently in place, in order to suggest suitable enhancements.



Key responsibilities



Gap analysis of current SDLC approach against best practice.


Define the roles and responsibilities for secure development and testing


Develop the plan of improvement and deliver


Update and publish standards, processes and procedures for secure development


Select and implement tools for code analysis


Develop MI and appropriate KRIs associated with identification and resolution


Develop a training and awareness plan for staff and deliver


Develop testing checklists around Information Gathering, Configuration and Deployment Testing, Identity Management Testing, Authentication Testing, Data Validation, Error Handling, Cryptography, etc.


Develop a threat model


Develop functional and non-functional test requirements



Required experience



Awareness of network security, solution design, testing framework and functional code


Deep technical understanding of common security vulnerabilities and risks, as well as countermeasures and compensating controls


5 (or more) years of demonstrated experience in product development, strategy, and market research


Experience of working in waterfall and agile lifecycles.


Business and Personal Leadership/skills and attitudes