Software Application Security Consultant / Contractor £NEG REF 672 test

Location Leeds, United Kingdom
Date Posted April 13, 2018
Job Type Contractor


The Application Security Consultant will focus on delivering an overarching review of the code base, practices and SDLC currently in place, in order to suggest suitable enhancements.

Key responsibilities

Gap analysis of current SDLC approach against best practice.

Define the roles and responsibilities for secure development and testing

Develop and deliver the plan of improvement

Update and publish standards, processes and procedures for secure development

Select and implement tools for code analysis

Develop MI and appropriate KRIs associated with identification and resolution

Develop and deliver a training and awareness plan for staff

Develop testing checklists around information gathering, configuration and deployment testing, identity management testing, authentication testing, data validation, error handling, cryptography, etc.

Develop a threat model

Develop functional and non-functional test requirements

Required experience

Awareness of network security, solution design, testing framework and functional code

Deep technical understanding of common security vulnerabilities and risks, as well as countermeasures and compensating controls

5 (or more) years of demonstrated experience in product development, strategy, and market research

Experience of working in waterfall and agile lifecycles.

Business and Personal Leadership/skills and attitudes