Sr. Consultant - Application Security/Threat (Remote, USA)
Dallas, TX
Optiv
Optiv manages cyber risk so you can secure your full potential. Cybersecurity advisory services and solutions. Powered by the best minds in cyber.The AppSec Consultant works to design, build, and deliver application security program services. Common activities will include performing application security tests, both manually and with automated tools; integrating security technologies and processes into existing SDLC programs; providing training relative to application security; and collecting/reporting relevant application security metrics to client stakeholders. The position will work closely with other Application Security and Cloud IT personnel to ensure application security program processes are effective.
How You'll Make An Impact
- Accountable to lead the specific efforts for major application security clients, identify and triage threats, do research and manage intake from internal and external customers.
- Build scripts, complex queries, tools, methodologies and more to rapidly identify and respond to advanced threats facing clients
- Identify key attributes of attacker tools, tactics and procedures (TTPs) and develop Indicators of Compromise (IoCs) for use in future detective controls
- Effectively communicate findings, opportunities and challenges to both experienced technical resources and executive audiences
- Develop clear technical reports at the conclusion of major incidents and document findings in team knowledge repository
- Serve as Subject Matter Experts for cyber security incidents in meetings with internal and external teams
- Obtain and maintain top tier vendor certification.
- Complete administrative project tasks like time and expense entry, status reporting, and project completion reporting.
- Acts as contributor in Optiv communities for solutions of focus
Requirements/Qualifications
- Bachelor's degree and approximately 5-7 years of related work experience
- 2 or more years’ experience in a cyber security environment, preferably application security
- Approximately 4-7 years of technical architecture experience
- Desirable experience within one or more of the following Security Architecture and/or Enterprise Architectural Frameworks (e.g. SABSA, TOGAF, O-ESA, OWASP Open SAMM, BSIMM)
- Completion of relevant Security or Technical certifications including CCNA, GCIH, GREM, GCFA, GCFE, OSCP is preferred
- Knowledge and hands-on experience with Application Security Program Assessments and Maturity Scoring, Vulnerability Assessments, Risk Assessments, SDLC process improvement, and Threat Modeling
- Knowledge or experience with Cyber Incident Management programs
- Minimum 4 years of experience with standard Enterprise-class security stack (Firewall, IDS/IPS, Antivirus, SIEM, Web Proxy, Web Application Firewall)
- Functional knowledge of Application Security and Software Development foundations, theory, terminology (DevOps, SCRUM, Agile, CI/CD)
- Working knowledge of operating systems, virtual machine environments, mainframe security packages, and relational database management systems.
- Expert knowledge of using Microsoft Office
- Ability to build relationships with and influence other functional areas
- Well-developed negotiation skills
- Ability to build consensus
- Ability to manage multiple tasks in parallel
- Willingness to travel to meet client needs
- Valid driver's license in the US
- The successful candidate must hold related professional certifications such as the CISSP, CISM, and/or CISA
- #LI-NA1
• A company committed to championing Diversity, Equality, and Inclusion through our Affinity groups including, Black Employee Network, Disabled Employee Network, Latino Employee Network, Optiv Pride (LGBTQIA+), Veterans Support Network, and Women's Network.• Work/life balance. We offer “Recharge” a flexible, time-off program that encourages eligible employees to take the time they need to recharge • Professional training resources, including tuition reimbursement• Creative problem-solving and the ability to tackle unique, complex projects• Volunteer Opportunities. “Optiv Chips In” encourages employees to volunteer and engage with their teams and communities. • The ability and technology necessary to productively work remote/from home (where applicable)
If you are seeking a culture that supports growth, fosters success, and moves the industry forward, find your place at Optiv! As a market-leading provider of cyber security solutions, Optiv has the most comprehensive ecosystem of security products and partners to deliver unparalleled services. Our rich and successful history with our clients is based on trust, serving more than 12,000 clients of varying sizes and industries, including commercial, government, and education. We have the proven expertise to plan, build, and run successful security programs across Risk Management, Cyber Digital Transformation, Threat Management, Security Operations - Managed Services, and Identity and Data Management.
Optiv is an equal opportunity employer. All qualified applicants for employment will be considered without regard to race, color, religion, sex, gender identity, sexual orientation, national origin, status as an individual with a disability, veteran status, or any other basis protected by federal, state, or local law.
Tags: Agile Application security BSIMM CI/CD CISA CISM CISSP Cloud DevOps Firewalls GCFA GCIH GREM IDS IPS Mainframe OSCP OWASP Risk management SAMM Scrum SDLC SIEM TOGAF TTPs
Perks/benefits: Career development Flex hours Flex vacation
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Staff Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Security Analyst jobs
- Open Security Operations Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Information Security Analyst jobs
- Open Product Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Principal Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Engineer jobs
- Open Consultant SOC / CERT H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Specialist jobs
- Open Security Specialist jobs
- Open Security Researcher jobs
- Open Chief Information Security Officer jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Specialist jobs
- Open IT Security Engineer jobs
- Open Agile-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open CISM-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open CISA-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open Security Clearance-related jobs
- Open EDR-related jobs
- Open Malware-related jobs
- Open IDS-related jobs
- Open APIs-related jobs
- Open CEH-related jobs
- Open CI/CD-related jobs