Job Description

Job Objectives: The Information Security Application Consultants manages the application security for existing Application and new required ones part of business portfolio to continuously monitor and improve organization's security posture to build secure applications and reduce threat footprint. The role also provides subject matter expertise and operational direction on application security governance, application security control and risk analysis, security assessment automation, secure development practices and incident response.

Minimum Qualifications: Bachelor's degree in Computer Engineering/Science, Electronics Engineering, or any other appropriately relevant field. Minimum Experience: . 10 years of progressive experience in a directly related field. . 7 years of professional experience in ICT information, application security in an enterprise level environment. . 3 years in similarly relevant Application security role with around the same team capacity and complexity of assigned tasks. Job Specific Skills: . Certifications in industry relative standards, frameworks, and schools of practice, such as CSSLP, GWAPT, OSCP, etc. . Excellent knowledge in maintaining effective working relationships with staff and clients; excellent people management skills. . Excellent written and verbal communication skills. . Strong analytical and problem-solving skills. . Proven success in working in a similarly complex ICT information security within same industry. . Professional experience in conducting manual and automated application assessments (DAST, SAST & RAST), penetration testing and configuration review. . Excellent understanding of modern development approaches and environments, secure Software Development Life Cycle (SDLC), secure coding practices and DevSecOps. . Good understanding of cryptography, web service frameworks, mobile application architectures, and service architectures (such as event-driven, service-oriented, or serverless architectures) . Good understanding of implementing enterprise information security architectures and frameworks. . Strong understanding of project management principles and requirements. . Excellent knowledge and understanding of Information Technology industry, trends, architectures, integrations, operational security, and process computing. . Excellent knowledge and understanding of leading industry standards, frameworks, methodologies, and best practices. . Excellent knowledge and understanding of information security governance, compliance, architecture components, technical solutions, and operational services.

Part time