Sr. Consultant - Application Security Programs/Threat (Remote, USA)

At Optiv, we’re on a mission to help our clients make their businesses more secure. We’re one of the fastest-growing companies in a truly essential industry. Join us.
The AppSec Programs Consultant works to design, build, and deliver application security program services.  Common activities will include performing application security tests, both manually and with automated tools; integrating security technologies and processes into existing SDLC programs; providing training relative to application security; and collecting/reporting relevant application security metrics to client stakeholders. The position will work closely with other Application Security and Cloud IT personnel to ensure application security program processes are effective.

How You'll Make An Impact

• Accountable to lead the  specific efforts for major application security clients, identify and triage threats, do research and manage intake from internal and external customers.
• Build scripts, complex queries, tools, methodologies and more to rapidly identify and respond to advanced threats facing clients
• Identify key attributes of attacker tools, tactics and procedures (TTPs) and develop Indicators of Compromise (IoCs) for use in future detective controls
• Effectively communicate findings, opportunities and challenges to both experienced technical resources and executive audiences
• Develop clear technical reports at the conclusion of major incidents and document findings in team knowledge repository
• Serve as Subject Matter Experts for cyber security incidents in meetings with internal and external teams
• Obtain and maintain top tier vendor certification.
• Complete administrative project tasks like time and expense entry, status reporting, and project completion reporting.
• Acts as contributor in Optiv communities for solutions of focus

Requirements/Qualifications

• Bachelor's degree and approximately 5-7 years of related work experience
• 2 or more years’ experience in a cyber security environment, preferably application security
• Approximately 4-7 years of technical architecture experience
• Desirable experience within one or more of the following Security Architecture and/or Enterprise Architectural Frameworks (e.g. SABSA, TOGAF, O-ESA, OWASP Open SAMM, BSIMM)
• Completion of relevant Security or Technical certifications including CCNA, GCIH, GREM, GCFA, GCFE, OSCP is preferred
• Knowledge and hands-on experience with Application Security Program Assessments and Maturity Scoring, Vulnerability Assessments, Risk Assessments, SDLC process improvement, and Threat Modeling
• Knowledge or experience with Cyber Incident Management programs
• Minimum 4 years of experience with standard Enterprise-class security stack (Firewall, IDS/IPS, Antivirus, SIEM, Web Proxy, Web Application Firewall)
• Functional knowledge of Application Security and Software Development foundations, theory, terminology (DevOps, SCRUM, Agile, CI/CD)
• Working knowledge of operating systems, virtual machine environments, mainframe security packages, and relational database management systems.
• Expert knowledge of using Microsoft Office
• Ability to build relationships with and influence other functional areas
• Well-developed negotiation skills
• Ability to build consensus
• Ability to manage multiple tasks in parallel
• Willingness to travel to meet client needs
• Valid driver's license in the US
• The successful candidate must hold related professional certifications such as the CISSP, CISM, and/or CISA
• #LI-NA1

With Optiv you can expect:
• A company committed to championing Diversity, Equality, and Inclusion through our Affinity groups including, Black Employee Network, Disabled Employee Network, Latino Employee Network, Optiv Pride (LGBTQIA+), Veterans Support Network, and Women's Network.• Work/life balance. We offer “Recharge” a flexible, time-off program that encourages eligible employees to take the time they need to recharge • Professional training resources, including tuition reimbursement• Creative problem-solving and the ability to tackle unique, complex projects• Volunteer Opportunities. “Optiv Chips In” encourages employees to volunteer and engage with their teams and communities. • The ability and technology necessary to productively work remote/from home (where applicable)
If you are seeking a culture that supports growth, fosters success, and moves the industry forward, find your place at Optiv! As a market-leading provider of cyber security solutions, Optiv has the most comprehensive ecosystem of security products and partners to deliver unparalleled services. Our rich and successful history with our clients is based on trust, serving more than 12,000 clients of varying sizes and industries, including commercial, government, and education. We have the proven expertise to plan, build, and run successful security programs across Risk Management, Cyber Digital Transformation, Threat Management, Security Operations - Managed Services, and Identity and Data Management.
Optiv is an equal opportunity employer. All qualified applicants for employment will be considered without regard to race, color, religion, sex, gender identity, sexual orientation, national origin, status as an individual with a disability, veteran status, or any other basis protected by federal, state, or local law.