Security Consultant, AppSec
Security Consultant, AppSec
Posted on :
08-06-2025
Employer Active
1 Vacancy
Job Alert
You will be updated with latest job alerts via emailValid email field required
Send jobs
Share
Send me jobs like this
Job Alert
You will be updated with latest job alerts via emailValid email field required
Send jobs
Job Description
Cyderes (Cyber Defense and Response) is a pure-play full life-cycle cybersecurity services provider with award-winning managed security services identity and access management and professional services designed to manage the cybersecurity risks of enterprise clients. We specialize in multi-technology complex environments with the in speed and agility needed to tackle the most advanced cyber threats. We leverage our global scale and decades of experience to accelerate our clients cyber outcomes through a full lifecycle of cybersecurity services. We are a global company with operating centers in the United States Canada the United Kingdom and India.
About the Job:
The Application Security Consultant reports directly to the Cloud and Application Security Practice Director and is tasked with guiding clients from traditional DevOps practices to a comprehensive DevSecOps model. This role encompasses conducting in-depth code reviews utilizing DAST SAST and SCA tools for security assessments and performing web application penetration tests. With a focus on integrating security into the development lifecycle this role requires a candidate with a strong development background and familiarity with a broad spectrum of programming languages.
Responsibilities:
- Lead security reviews and web application penetration tests to identify vulnerabilities across a variety of development frameworks and languages.
- Advise on the integration of security practices within DevOps processes aiding in the transition to DevSecOps.
- Perform thorough code reviews using DAST SAST and SCA tools focusing on a wide array of programming languages.
- Work closely with development teams to instill secure coding practices and embed security measures within CI/CD pipelines.
- Support the bug bounty program.
- Support the preparation of security releases.
- Assist in development of security processes and automated tooling that prevent classes of security issues.
Requirements:
- 2-3 years overall application security experience
- Extensive experience application and code security
- Experience with static and dynamic code analysis solution. For Example: Veracode Checkmarx SonarQube
- Retain one or more of the following certifications: CISSP CISM OSCP CEH
- Experience in solution architecture DevSecOps practices and cloud integration.
- Experience working with Infrastructure as Code CI/CD pipelines and Secure DevOps processes.
- Working knowledge of common and industry standard cloud-native/cloud-friendly authentication mechanisms (OAuth OpenID SAML etc.).
- Strong expertise in at least one of the major programming languages (e.g. C/C Java Python). This foundational knowledge is crucial for conducting effective code reviews and security assessments.
- An understanding of or experience with a diverse set of languages including but not limited to Gosu Business Basic CLI Scripts HCL Domino PowerShell Shell SQL and SQR.
- Strong security inclination & technical writing skills
Cyderes is an Equal Opportunity Employer (EOE). Qualified applicants are considered for employment without regard to race religion color sex age disability sexual orientation genetic information national origin or veteran status.
Note: This job posting is intended for direct applicants only. We request that outside recruiters do not contact us regarding this position.
Required Experience:
Contract
Employment Type
Full-Time
Key Skills
Report This Job
Disclaimer: Drjobpro.com is only a platform that connects job seekers and employers. Applicants are advised to conduct their own independent research into the credentials of the prospective employer.We always make certain that our clients do not endorse any request for money payments, thus we advise against sharing any personal or bank-related information with any third party. If you suspect fraud or malpractice, please contact us via contact us page.
