Security Consultant (Development Knowledge)

Job Title: Security Consultant (Development Knowledge)

Location: Abu Dhabi

Job Overview:

As a Security Consultant with development knowledge, you will be responsible for providing expert guidance to clients on integrating security into their software development processes. You will collaborate closely with development teams to assess, design, and implement robust security controls and best practices throughout the software development lifecycle.

Responsibilities:

  • Security Assessments: Conduct comprehensive security assessments of applications, identifying vulnerabilities and recommending mitigations.
  • Secure SDLC Integration: Advise development teams on integrating security practices into the software development lifecycle (SDLC), including requirements gathering, design, coding, testing, and deployment phases.
  • Code Review and Analysis: Perform code reviews and analysis to identify security flaws, coding errors, and potential weaknesses.
  • Threat Modeling: Develop and review threat models to identify potential security threats and risks specific to applications.
  • Security Architecture: Design and implement secure architecture patterns and solutions for applications and systems.
  • Secure Coding Practices: Promote secure coding practices among development teams and provide training sessions on secure coding principles.
  • Incident Response: Assist in incident response activities related to application security incidents, including root cause analysis and remediation.
  • Compliance and Standards: Ensure applications adhere to regulatory requirements and industry standards (e.g., OWASP Top 10, PCI-DSS, GDPR).

Requirements:

  • Technical Skills:
      o Strong understanding of software development principles and methodologies (e.g., Agile, DevOps).
      o Proficiency in programming languages commonly used in application development (e.g., Java, Python, JavaScript).
      o Knowledge of web application frameworks (e.g., Spring, Django, Node.js) and their security implications.
      o Familiarity with secure coding practices and techniques (e.g., input validation, encryption, authentication mechanisms).
      o Experience with security testing tools (e.g., Burp Suite, OWASP ZAP, Nessus).

  • Security Knowledge:
      o Solid understanding of cybersecurity principles, threats, and vulnerabilities.
      o Experience with security assessment methodologies (e.g., penetration testing, code review).
      o Knowledge of network security, cryptography, and secure communication protocols.

  • Communication Skills:
      o Excellent verbal and written communication skills, with the ability to convey complex technical concepts to non-technical stakeholders.
      o Strong interpersonal skills and the ability to work collaboratively in a team environment.
      o 5+ years of experience

  • Education and Certifications:
      o Bachelor’s degree in Computer Science, Information Technology, or a related field. Master’s degree preferred.
      o Relevant certifications such as CISSP, CEH, CSSLP, or GIAC are a plus.

Send your CV to subramaniam@isss.org.uk
