Description
Application Security Consultant is required to work for a large technology system integrator in Luxembourg. The Application Security Architect will have at least five years of experience of working as an application security consultant and will have performed pen tests, vulnerability scans, application assessments, technical compliance checks.
The application security consultant will possess the following criteria.
- Perform application assessments (source code analysis, dynamic security testing)
- Perform regular vulnerability scans using automatic or manual scanners (TripWire, Nessus, Acunetix)
- Perform pentests against infrastructure components (Servers, network) or applications
- Perform technical compliance checks against reference configurations (windowns, Linux/Unix)
- Evaluate tool kits available on the market (including realisation of prototypes), build and maintain an ethical hacking and application security testing lab
- Support in producing documentation and reports (installation, configuration guidance, assessment reports)
- Define functional specifications for solutions
- Develop system software (eg scripts for automated configuration, system analysis, alerting)
- Design, prepare and perform technical demos and workshops for user awareness or seminars
Qualifications
- Bachelor Degree in IT or related field with a minimum of 5 years of professional experience in IT
- Minimum 5 years of experience in the cyber-security domain, exercising Security Testing, with experience in frameworks like HP Fortify or ideally IBM AppSCan
- Minimum 2 years of experience in the audit/pen-test field.
- Previous working experience in web application development (Java, .NET, Agile methodologies), is essential
- Extensive professional experience in security assurance aspects such as vulnerability assessment, pen-test, technical compliance check and application security testing is required
- Excellent knowledge of configuration and operation of Security software and hacking tools is required.
- Relevant certifications such as GPEN, CEH, OSCP or similar would be considered a strong asset.
- Very good written and spoken English is required. Good knowledge and understanding of French would be considered an asset