Associate Managing Consultant- Application Security (ID: 31478)
Remote
Applications have closed
Synopsys, Inc
Build high-quality, secure software faster with our application security testing tools and services. We are a Gartner Magic Quadrant leader in appsec.The application security professionals who work for our company bring industry experience, confidence, and technical expertise to help our clients overcome unique challenges. We plan, pursue, deliver, and manage engagements to assess, improve, build, and sometimes operate integrated application security operations for our clients.
A career in Software Integrity Group would provide opportunities to gain experience with enterprise-level software implementations, keep your day-to-day routine exciting and allow you to grow personally and professionally. Based on your level of knowledge and skills, an Associate Managing Consultant may have a wide range of responsibilities.
General skills and attributes
- Knowledge and 5-7 years of hands-on experience with key components of DevSecOps consulting (e.g., CI pipelines, security testing, static and dynamic testing, SBOM, general cloud concepts).
- Knowledge and understating of general cyber risk concepts (e.g., risk prioritization, data protection, incident response, disaster recovery).
- Developing DevSecOps standards and processes within an organization.
- Experience in working independently or as part of a large team to delivery application security services on its own or within large complex projects.
- Practical experience with conducting risk assessments and testing of controls (e.g., OpenChain, cloud, sector specific regulatory requirements, strategy and governance, program roadmaps).
- Excellent analytical skills and ability to decipher data from testing results.
- Demonstrated leadership abilities (e.g., lead presentation, develop themes and executive decks, lead status meetings)
Responsibilities
- Consistently deliver quality client services. Monitor progress, manage risk, and ensure key stakeholders are kept informed about progress and expected outcomes.
- Lead and support the executing team to make an impact that matters and setting the direction to deliver exceptional client service.
- Work with clients to analyze, evaluate, and enhance the effectiveness of their application/product security posture at procedural and technological levels from design to deployment.
- Use knowledge of current application security best practices and industry trends to lead the implementation of application security solutions for our clients and support the clients in their desire to protect their business.
- Help identify and pursue DevSecOps business opportunities.
- Stay abreast of current business and industry trends relevant to our client's.
- Establish relationships with client personnel at appropriate levels.
- Possess good business acumen. Remain current on new developments in advisory services capabilities and industry knowledge.
- Provide input and assist the team maintain and build out new DevSecOps related service offerings that are relevant to the industry.
- Assist, Oversee the design & development of strategic initiative to be presented to potential clients.
- Participate in market facing activities and developing thought leadership materials.
- Provide technical leadership with respect to the development and execution of our key application security service offerings (e.g., conducting assessments of applications (web, cloud, mobile) architecture reviews, recommendations and aligning them to appropriate risk ranking systems).
To qualify, you must have:
- Five to seven years of prior consulting experience.
- Undergraduate or masters’ degree in one of the following areas: Information Security, Business Management, Information Systems, Computer Science, Engineering, and/or other related majors.
- Detail oriented and relentless pursuit to improve quality of work products.
- Familiarity with DAST, SAST, SCA, Penetration Testing, Vulnerability Management and OWASP. Other cyber risk competencies such as vulnerability management, incident response etc. is a plus.
- Ability to evaluate application security programs for clients and developing key elements of the program as part of the enhancement process and developing and maturing processes.
- Evaluating DevSecOps programs to determine how to embed security activities and working with clients to evolve their development programs to embed application security tooling and processes.
- Solid understanding of application security programs and experience in helping customers drive their application security initiatives.
- Overall understanding of software development processes, technologies, architectures, and practices, and risk management.
- Experience managing diverse team of technical consultants.
- Superior and highly effective client management skills.
- Ability to summarize technical information for executives to create effective and concise presentations, proposals, and SOWs for C-level executives.
- Written communication skills including formal documentation, statements of work, proposals, sources sought and request for information responses, white papers, and case studies.
- CISSP certification or equivalent.
- Willingness to travel (up to 40% - Post Covid).
Synopsys, Software Integrity Group, is named a leader for 2020 in the Gartner Magic Quadrant for Application Security Testing (AST), recognizing our vision and ability to execute. Every business runs on software, and defects in software create risk. We’ve curated the most robust products and services to create one comprehensive platform that enables our customers to detect and remediate deficiencies across their entire SDLC. To find out more about Synopsys SIG, check out https://www.synopsys.com/software-integrity.html.
Inclusion and Diversity are important to us. Synopsys considers all applicants for employment without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, military veteran status, or disability
Tags: Application security C CISSP Cloud Computer Science DAST DevSecOps Governance Incident response OWASP Pentesting Product security Risk management SAST SDLC Strategy Vulnerability management
Perks/benefits: Career development
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Product Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Senior Information Security Analyst jobs
- Open Cyber Security Specialist jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open Sr. Security Engineer jobs
- Open IT Security Engineer jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open Threat intelligence-related jobs
- Open IAM-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open Forensics-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs