Security Consultant, AppSec
Bengaluru, Karnataka
Cyderes
Cyderes offers tech-enabled managed security services for real-time risk and compliance management in modern enterprises.About the Job: The Application Security Consultant reports directly to the Cloud and Application Security Practice Director and is tasked with guiding clients from traditional DevOps practices to a comprehensive DevSecOps model. This role encompasses conducting in-depth code reviews, utilizing DAST, SAST, and SCA tools for security assessments, and performing web application penetration tests. With a focus on integrating security into the development lifecycle, this role requires a candidate with a strong development background and familiarity with a broad spectrum of programming languages.
Responsibilities:
- Lead security reviews and web application penetration tests to identify vulnerabilities across a variety of development frameworks and languages.
- Advise on the integration of security practices within DevOps processes, aiding in the transition to DevSecOps.
- Perform thorough code reviews using DAST, SAST, and SCA tools, focusing on a wide array of programming languages.
- Work closely with development teams to instill secure coding practices and embed security measures within CI/CD pipelines.
- Support the bug bounty program.
- Support the preparation of security releases.
- Assist in development of security processes and automated tooling that prevent classes of security issues.
Requirements:
- Extensive experience application and code security
- Experience with static and dynamic code analysis solution. For Example: Veracode, Checkmarx, SonarQube
- Retain one or more of the following certifications: CISSP, CISM, OSCP, CEH
- Experience in solution architecture, DevSecOps practices, and cloud integration.
- Experience working with Infrastructure as Code, CI/CD pipelines and Secure DevOps processes.
- Working knowledge of common and industry standard cloud-native/cloud-friendly authentication mechanisms (OAuth, OpenID, SAML, etc.).
- Strong expertise in at least one of the major programming languages (e.g., C/C++, Java, Python). This foundational knowledge is crucial for conducting effective code reviews and security assessments.
- An understanding of, or experience with, a diverse set of languages, including but not limited to Gosu, Business Basic, CLI Scripts, HCL Domino, Net.Data, PowerShell, Shell, SQL, and SQR.
- 2-3 years overall application security experience
- Strong security inclination
- Strong technical writing skills
Note: This job posting is intended for direct applicants only. We request that outside recruiters do not contact us regarding this position.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Application security C CEH Checkmarx CI/CD CISM CISSP Cloud Code analysis Cyber defense DAST DevOps DevSecOps IAM Java OpenID OSCP PowerShell Python SAML SAST Security assessment SonarQube SQL Veracode Vulnerabilities
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Product Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Security Operations Engineer jobs
- Open Information Security Officer jobs
- Open Principal Security Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Product Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open IT Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Penetration Tester jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Network Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Security Consultant jobs
- Open Senior Information Security Analyst jobs
- Open IT Security Analyst jobs
- Open Security Operations Analyst jobs
- Open Manager Pentest H/F jobs
- Open Information System Security Officer jobs
- Open Information Security Architect jobs
- Open Agile-related jobs
- Open Risk assessment-related jobs
- Open Network security-related jobs
- Open Analytics-related jobs
- Open SOC-related jobs
- Open CISA-related jobs
- Open ISO 27001-related jobs
- Open GCP-related jobs
- Open IAM-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Threat intelligence-related jobs
- Open Vulnerability management-related jobs
- Open DevOps-related jobs
- Open DoD-related jobs
- Open Security Clearance-related jobs
- Open APIs-related jobs
- Open CEH-related jobs
- Open Security assessment-related jobs
- Open SaaS-related jobs
- Open Malware-related jobs
- Open Kubernetes-related jobs
- Open Java-related jobs
- Open EDR-related jobs
- Open PowerShell-related jobs