Application Security Consultants - Application Security Testing

Accenture
Accenture
Madrid, SpainOn-siteCompetitiveAdded 2 months ago

Original Advert

Accenture, recognized as a Great Place To Work®, is a leading global professional services company that helps major businesses, public administrations, and other organizations around the world develop their digital core, optimize their operations, accelerate revenue growth, and improve services for citizens, creating tangible value at speed and scale.

Would you like to be part of a team of over 19,000 cybersecurity specialists worldwide? Accenture has an opportunity for you to join our Cybersecurity team.

An Application Security Testing analyzes a given situation to determine which security testing approaches are most likely to succeed, implement them and evaluate its effectiveness.

Also demonstrating the attacker mentality by discovering key information about a target, performing actions in a protected environment that a malicious person would perform and understand how evidence of the attack could be deleted.

As a member of the Security Team, the Application Security Testing Analyst will work in a collaborative environment where sharing skills and expertise is part of its DNA, cultivating a culture of security awareness to ensure security policies for applications, environments and systems are followed at all times.

Continuous learning is encouraged (and needed!) through our extensive training program, classroom/online courses from well-known providers and certifications.

Applicants must have Computer Science, Telecommunications or Engineering Degree or a related field, with experience in performing Application Security testing.

Selected candidates will take part in Application Security and other Security projects in global & leading companies operating different markets.

Responsibilities and recurring main tasks

  • Help managing a group of people and projects.
  • Definition, implementation and execution of security testing processes into software development life cycle.
  • Validation of applications security architecture elements.
  • Documentation of security requirements for applications (web, mobile, SOA, etc.) alignment with security testing processes.
  • Obtain and validate measurement of KPI and KRI related to security in applications.
  • Build PoC with clients to determine best security testing tools to be applied.
  • Vulnerability lifecycle management on client environment.
  • Collaborate with clients to define best approach to maximize the security posture.

Core Skills ("Must have")

These are the main skills that an Application Security Tester should demonstrate and exercise on a daily basis in order to fulfill its responsibilities and recurring tasks:

  • Experience in conducting security checks (static, software composition and dynamic code analysis, vulnerability analysis in applications and application penetration tests), analyzing test results, documenting risks and recommending countermeasures.
  • Develop and document security evaluation test plan and procedures.
  • Assist in researching, evaluating, and developing relevant Information Security policies and guidance.
  • Actively participate in or lead technical exchange meetings and application review boards, documenting actions items/results of these events.
  • Develop, assemble, and submit testing results reports that document testing activity and results to support the creation of risk assessments and approval packages.
  • Assess/calculate risk based on threats, vulnerabilities, and shortfalls uncovered in testing.
  • Experience in testing APIs security (also related with mobile applications).
  • Security knowledge in web applications and common vulnerabilities.
  • Knowledge of security in micro-services and Single Page Applications is valuable.

Valuable Skills ("Nice to have")

Although not all of them are required, breadth and depth of the following skills are positive valued for an Application Security Tester role:

  • Technology Ecosystems: General knowledge in at least one of the most enterprise-used programming languages as Java/C# .NET, C/C++, Javascript, PHP, Ruby/Perl/Python, Java Android/Kotlin, Objective-C/Swift, Powershell...
  • Static Code Analysis Tools (SAST): Experience with at least one of the following static code analysis solutions: Checkmarx, Veracode, Kiuwan, Fortify, SourceClear, BlackDuck, Nexus, SonarQube...
  • Software Composition Analysis Tools (SCA): Experience with at least one of the following software compositon analysis solutions as Dependency-Check, SourceClear and/or WhiteSource...
  • Dynamic Application Analysis Tools (DAST): Experience with at least one of the following dynamic application analysis solutions: Burp Suite, Postman, MobSF, Qualys, Acunetix, Nessus, Webinspect...
  • Authentication and authorization: Valuable Knowledge on SOA security and security focused on mobile applications (REST, JSON, OpenID, OAuth, WebToken, SSO).
  • Security standards: Experience with OWASP Testing Guide, OWASP TOP 10 and knowledge of other well-known security standards of the industry: OWASP-M, SEI CERT-J, SEI CERT-C, PCI DSS...
  • Application Security standards: Experience with OWASP TOP 10, OWASP ASVS, CWE, MITRE, CAPEC, SANS 25.

Valuable certifications

  • CSSLP, OSCP, OSWE

About Accenture

Accenture is a leading global professional services company that helps the world's leading businesses, governments and other organizations build their digital core, optimize their operations, accelerate revenue growth and enhance citizen services-creating tangible value at speed and scale. We are a talent- and innovation-led company with approximately 791,000 people serving clients in more than 120 countries. Technology is at the core of change today, and we are one of the world's leaders in helping drive that change, with strong ecosystem relationships. We combine our strength in technology and leadership in cloud, data and AI with unmatched industry experience, functional expertise and global delivery capability. Our broad range of services, solutions and assets across Strategy & Consulting, Technology, Operations, Industry X and Song, together with our culture of shared success and commitment to creating 360° value, enable us to help our clients reinvent and build trusted, lasting relationships. We measure our success by the 360° value we create for our clients, each other, our shareholders, partners and communities.

Visit us atwww.accenture.com

Declaración de igualdad de oportunidades en el empleo

Creemos que nadie debe ser discriminado por sus diferencias. Todas las decisiones de empleo se tomarán sin importar la edad, raza, credo, color, religión, sexo, origen nacional, ascendencia, discapacidad, condición de veterano militar, orientación sexual, identidad o expresión de género, información genética, estado civil, ciudadanía ni ningún otro criterio protegido por la legislación aplicable. Nuestra rica diversidad nos hace más innovadores, competitivos y creativos, lo que nos ayuda a servir mejor a nuestros clientes y comunidades.

Ingeniero-Arquitecto Técnico - Palma de Mallorca

Palma, Spain
2d ago

Aftermarket Sales Consultant

Madrid, Spain
2d ago

Técnico Middleware

Madrid, Spain
2d ago

Security Hacking Expert

Bilbao, Spain
4d ago

Puesta en Marcha - Commissioning PFV

València, Spain
4d ago

Técnico Perfilado

Madrid, Spain
1w ago

DevOps Platform Engineer

Sevilla, Spain
1w ago

Outsystem Senior Developer

Madrid, Spain
1w ago

SAP Ariba & Fieldglass

Madrid, Spain
1w ago

S&C - Resources Strategy Consultant

Madrid, Spain
1w ago

Manager Generative AI

Madrid, Spain
1w ago

Application Security Consultants - Security by Design

Madrid, Spain
1w ago

Industrial Cyber Security Specialist

Illescas
2d ago

Security Hacking Expert

Bilbao, Spain
4d ago

Senior Security Engineer - Full remote in Spain

Barcelona, Spain; Madrid, Spain; Mallorca, Spain; Sevilla, Spain; Valencia, Spain
4d ago

Sovereign Cloud Security Senior Specialist (f/m/d)

León, Spain
1w ago

Site Security and Automation Lead -Viana (Cerca de Logroño)

Viana, Spain
1w ago

SOC Analyst (German Speaker) - Staff - EY GDS Spain - Hybrid

Málaga, Spain
1w ago

Cybersecurity Engineer (Microsoft Defender) - Senior - EY GDS Spain - Hybrid

Málaga, Spain
1w ago

Senior OT / ICS Security Consultant - EY GDS Spain - Hybrid

Málaga, Spain
1w ago

#CORE DIGITAL CAMPUS - Network Security Engineer

Albacete, Spain
1w ago

Security Managed Services Practitioner

Mérida, Spain
1w ago

Application Security Consultants - Security by Design

Madrid, Spain
1w ago

Brand Manager

Madrid, Spain
1d ago

Multi-Hotel Revenue Manager | 6-Month Fixed-Term Contract

Madrid, Spain
1d ago

Fuel and Air to Air Refuelling (AAR) systems Engineer (F/M) for Military A/C- Development projects

Madrid, Spain
1d ago

Portfolio Monitoring Specialist – Real Estate

Madrid, Spain
1d ago

Engineer - Tunnel Ventilation Systems and FLS

Madrid, Spain (Hybrid)
1d ago

AWS Enterprise Account Manager

Madrid, Spain
2d ago

Mission Systems SW Development Engineer

Madrid, Spain
2d ago

HR Business Partner (Temp Agency)

Madrid, Spain
2d ago

Técnico Middleware

Madrid, Spain
2d ago

Aftermarket Sales Consultant

Madrid, Spain
2d ago

Software Development Engineer (Java&AWS), Ring

Madrid, Spain
2d ago

Application managed by Accenture