Sep 28, 2020

Application Security Specialist

  • Halcyon Knights
  • Melbourne VIC, Australia
Contractor Cyber Security

Job Description

  • Are you looking for your next contract gig?
  • Work alongside industry-leading professionals
  • Ongoing personal & professional development

Your new company

This enterprise client is looking to engage an Application Security Specialist to join their growing digital security practice. 

About the opportunity

The Application Security Specialist will provide expertise in the secure design and development of web and mobile-based solutions. You will form an integral part of the team that is responsible for security across the entire SDLC and that validates the security of a wide range of applications and services.

What you'll need to succeed

  • Passion, drive and enthusiasm!
  • Understanding of application security principles, including OWASP, secure software development/SDLC practices and application penetration testing.
  • Ability to research security areas and domains without prior experience and apply that knowledge in practical situations.
  • Experience with application code reviews and penetration testing, including exposure to manual testing methodologies.
  • Experience with testing tools such as Burp Suite.
  • An understanding of threat modelling best practices, or experience conducting threat modelling.
  • Knowledge of Cloud environments such as AWS, and knowledge of the breadth of services and their application.
  • Knowledge of development tooling and CI/CD pipelines.
  • Knowledge of application security tooling, such as SCA and/or SAST.

Role Accountabilities

  • Performing a range of application security consulting services throughout the entire software delivery lifecycle.
  • Triaging application vulnerabilities submitted through the Responsible Disclosure Program.
  • Collaborating with developers who work in a variety of delivery methodologies, including scaled agile trains.
  • Working within and contributing back towards a security team modelled on agile delivery.
  • Identifying inherent vulnerabilities within systems and applications.
  • Presenting findings to a range of technical staff and business stakeholders, such as developers, business analysts, iteration managers, and product experience managers.
  • Clearly documenting and communicating security findings, including description, severity, and recommended solutions to stakeholders.
  • Strong ethics and understanding of ethics in business and information security.

What you'll get in return

You will have the opportunity to join a growing team of experts who are passionate about security! You will work with some of the best in the industry, joining an extremely talented team that places a lot of value in personal and professional development.