Cyber Risk Application Security Senior Consultant

Are you interested in working in a dynamic environment that offers opportunities for professional growth and new responsibilities? If so, Deloitte could be the place for you. This is an unparalleled time of change with new information security challenges arising each day. Our team of Cyber risk professionals bring industry experience, confidence, and technical knowledge to help our clients tackle those unique challenges. If you are seeking a role that offers exposure to enterprise-level software implementations and variety to your day-to-day routine while allowing you to develop personally and professionally, consider a career in Deloitte Advisory's Cyber practice.

Work you will do
The responsibilities of an Application Security Senior Consultant are broad and may vary depending on your level of experience and skills. Responsibilities include but are not limited to:

• Performing security software architecture review and threat modeling

• Advising and implementing secure software architecture patterns

• Performing application security program-level assessments leveraging industry preferred practices

• Modernizing application security program through DevSecOps program implementation

• Scanning / testing modern apps at code, container, Kubernetes, API and cloud layer

• Designing and automating application security leveraging CI/CD pipelines

• Communicating security concepts to non-security clients such as developers, architects, engineers, business executives

• Extracting pain points from the clients and solve them through planning, managing, execution and communicating with clients

• Remediating security vulnerabilities working directly with clients

• Representing Deloitte's technical, business, and professional values to customers, partners, and peers.

Qualifications

Required:

• BA/BS Degree in Computer Science, Cyber Security, Information Security, Engineering, or Information Technology
• 3+ years of experience in software or security consulting
• 3+ years of experience in software development using Java, Microsoft .NET, or C/C++
• 3+ years of experience using build tools (e.g. ant, make, maven, msbuild, nant, etc.)
• 3+ years of experience in developing and/or deploying Web applications
• 3+ years of experience with multiple operating systems
• 3+ years of experience in enterprise security or application security
• 3+ years of experience in IT operations (e.g., incident handling, NOC, SOC, etc.)
• CSSLP, CISSP, CISA, CCP MCP/MCSE or SANS certifications
• While up to 80% travel is requirement of the role, due to COVID-19, non-essential travel has been suspended until further notice.
• Limited visa sponsorship may be available

• Fundamental understanding of software, computer, and network architectures.
• Highly motivated, competitive, entrepreneurial and attracted to challenging opportunities.
• Demonstrates the ability to work in a fast-paced environment where organizational skills are essential.
• Has strong problem solving, analytical, interpersonal, and ownership skills.
• Possess excellent collaboration skills with a wide variety of internal team members.
• Is an intelligent, self-starting, self-confident individual with integrity and accountability.
• Possess strong written, verbal and presentation skills.