Application Security Consultant

Job description

We believe in the power of an inclusive culture and we want everyone to feel free to be themselves. We offer access to a PwC global network, where you can exchange knowledge, ideas and questions with experienced professionals regarding Cyber Security and other disciplines. We also offer you:
* numerous training sessions and courses that contribute to your personal and professional development,
* an appropriate salary and extensive employment conditions, including a well-being budget. This is a personal annual budget of € 1.000 to spend on your health, for example on mindfulness, sport, lifestyle coaching, wellness, and noise-cancelling headphones;
* a fully equipped, ergonomic home office with a second monitor;
* a monthly internet allowance;
* a lease car/car allowance, laptop and iPhone;
* 32 holiday days per year;
* hybrid working at the client, at home and at the office;
* the possibility, within standard working hours, of focusing on Corporate Responsibility, various networks, diversity, innovation and/or recruitment;
* Very exciting activities, including drinks get-togethers, a Christmas party, and a skiing weekend. (During the COVID-19 pandemic, you can count on online events).

Employer

This team works on creating a more secure society for major International and local organisations. Together with over 150 professionals in the Netherlands you could work on leading and cutting edge projects covering the whole scope of Cyber Security., This team works on creating a more secure society for major International and local organisations. Together with over 150 professionals in the Netherlands you could work on leading and cutting edge projects covering the whole scope of Cyber Security.For more information about Tech career opportunities see: Technology_careers_PwC_Netherlands

Candidate/profile

We are searching for consultants with cyber, advisory, technology and sector-related experience to help our clients solve complex business problems. We are searching for individuals who can complement our team with Application security related knowledge, the security issues that affect applications throughout their lifecycle and the ways to address these issues. Together with our team you will then support our clients in protecting their applications and development processes.

You recognize yourself in the following

* 3 years or more experience in Application Security is desired;
* Solid understanding of vulnerability scanning mechanisms (DAST, SAST, etc) and tools;
* Knowledge of application security vulnerabilities and common mitigation strategies;
* Knowledge of Agile secure software development lifecycle practices including threat modeling, security user stories, security testing, etc;
* Experience providing advice on security risk assessments and vulnerability remediation;
* Understanding of DevOps practices and tooling (Jenkins, Chef, Git, Docker, Kubernetes, etc)
* Understanding of Microservices and container-based architectures and relevant security issues
* Excellent communication skills, both orally (conversations, discussions, presentations) and written (drafting and writing of sound reports in which findings are succinct and clearly communicated, appropriate to the target group and tailored to the needs of the client)
* Experience with threat modelling, vulnerability management and security testing
* Good knowledge of the following: OWASP; SAMM; ASVS; BSIMM; NIST; SSD.

In addition:

* Experience working with development teams to embed secure coding practices is a strong advantage;
* Good knowledge of identifying threats and risks and the measures needed to limit them, both at organizational and technical level;
* Application pentesting experience is an advantage, but optional;
* Hands-on software development experience using modern programming languages and frameworks is desired;
* Bachelor degree (or preferably higher) in one of the following fields: Engineering, Computer Science, Mathematics or related areas.

General qualifications:
* Demonstrated technical prowess;
* Ability to self-learn and experiment in new areas;
* Good teamwork capabilities;
* Good presentation skills.