Application Security Manager
- ogłoszenie wygasło miesiąc temu
- Umowa o pracę
- Pełny etat
- rekrutacja zdalna
Building a strong team by selecting the best competencies and talents.
Coordinate teams, projects and participate in discussions with clients on daily basis.
Participate in business development activities (including responses to RFP/I).
Design & Implement secure software development life cycle solutions based on various tools.
Contribute to tool evaluation, selection and recommendation internally and to clients.
Provide advisory to different groups (Technology, Developers, Digital Transformation, etc.).
Participate in execution of training program for different teams.
Define secure software development life cycle for large projects and teams.
Define applications security architecture elements.
Define documentation of security requirements for applications (web, mobile, host, SOA, etc.).
Assistance with KPIs and KRIs related to security in applications.
Coordinate the construction of labs and PoC to improve project and service delivery.
Work with senior management on defining roadmaps, needs and provide short and mid-term forecasting.
Collaborate with clients to define best approach to maximize the security posture.
Contribute to R&D activities as a Subject Matter Expert & internal professional community.
What we expect from you:
- Master Degree in Computer Science, Telecommunications or Information Security.
- Knowledge of penetration testing and security testing
- Knowledge of good modern cryptographic practices (PKI, RSA, others)
- Knowledge of popular attack methods (XSS, CSRF, SQL injection, code injection, etc)
- Knowledge of Content Security Policy, CORS. authorization, authentication, session management.
- Knowledge and experience in backend programming and developing.
- Knowledge and experience in working with IT/application security systems, e.g. IDS / IPS, WAF, URL filtering, others.
- Certifications such as CSSLP, CISSP, CISA, etc. are preferred.
- Certifications from pentesting vendors (OSCP, CEH,…) are preferred.
- SAST & DAST tools related education and certificates are beneficial.
- At least 3 years of experience in the Application Development (DevOps).
- At least 1 year of experience in Application Security Testing.
- Passion for Security, Agile, and DevOps.
- Experience in management and definition of security in the software development lifecycle (SDLC).
- Experience in software development and SDLC in Java, Python, C#, etc…
- Experience with Automation in testing or orchestration Selenium, Maven, Ant, Msbuild, Npm, Yarn, Jenkins, Team City, etc.
- Knowledge of conducting security checks (static and dynamic code analysis, vulnerability analysis in applications and penetration tests, security component analysis).
- Understanding or virtualization and container technologies (Docker, Kubernetes, OpenShift).
- Experience with OWASP Testing Guide v3 / 4 and OWASP TOP 10.
- Knowledge of securing APIs.
- Experience in Web and/or Mobile applications and common vulnerabilities.
- Knowledge of security in micro-services is beneficial.
- Client focus.
- Communications skills including the ability to understand client process in any area in detail.
- Undeniable leadership skills, the ability to lead large teams (50+), also dispersed.
- Business writing skills (capturing needs and writing it down on formal documents).
- Reliable and with attention to detail.
- Stable employment conditions based on an employment contract
- Private medical care and life insurance and employee share program.
- Access to the MyBenefit platform (possibility of using a wide range of products and services, including the Multisport card and the lunch card).
- Individual support of a Career counselor and a specific path of professional development, as well as the possibility of a session with a Coach.
- A wide training package (soft and technical training offer, access to the e-learning platform, possibility of co-financing courses and certification)
- Participation in the implementation of projects on a global scale for the largest international companies from Fortune500 using the latest technological solutions and tools.
- Employee Assistance Program - free support in one-time legal, financial and psychological consultations.
- Paid employee referral program
When applying please enclose the below statement:
"I hereby consent to the processing of my personal data by Accenture sp. z o.o. with its registered seat in Warsaw (00-121), at ul. Sienna 39, NIP 526-00-15-900 (Data Controller), in accordance with the Act of May 10, 2018 on the Protection of Personal Data (Journal of Laws of 2018, item 1000) and the Regulation on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (Data Protection Directive), necessary to carry out the recruitment process by Accenture . At the same time, I declare that I provide my personal data completely voluntary. I also declare that I have been informed about my right to withdraw my consent or object to processing of data, request access to them, rectification, deletion, limitation of processing and their transfer, at any time and the right to lodge a complaint to the data protection supervisory authority."
Accenture does not discriminate employment candidates on the basis of race, religion, color, sex, age, disability, national origin, political beliefs, trade union membership, ethnicity, denomination, sexual orientation or any other basis impermissible under Polish law.