Optiv Security Senior Consultant - Application Security, Threat Management | Remote, USA - 5b936155-6283-44ac-8440-3b1d71fb991d in Overland Park, Kansas
This job was posted by https://www.kansasworks.com : For more information, please see: https://www.kansasworks.com/ada/r/jobs/11638370 At Optiv, we're on a mission to help our clients make their businesses more secure. We're one of the fastest growing companies in a truly essential industry.
In your role at Optiv, you'll be inspired by a team of the brightest business and technical minds in cybersecurity. We are passionate champions for our clients, and know from experience that the best solutions for our clients' needs come from working hard together. As part of our team, your voice matters, and you will do important work that has impact, on people, businesses and nations. Our industry and our company move fast, and you can be sure that you will always have room to learn and grow. We're proud of our team and the important work we do to build confidence for a more connected world.
Optiv is a multi-disciplined consulting team with focus areas on network penetration, malware analysis, vulnerability research, hardware testing, operating system, mobile device, and application testing. The Application Security group focuses on mobile and web application testing as well as Securing the client's SDLC so they can develop the most secure software possible.
We expect a senior-level individual to have at least four years in a directly related role. The majority of work is remote we would like to talk to you regardless of where you call home.
How you'll make an impact:
+ Perform detailed analysis of a client's entire SDLC through a security lens. This is accomplished by evaluating the client's existing policies, procedures, practices, and standards and conducting in-depth client interviews.
+ Presentation of the detailed assessment of SDLC analysis to client's and guide them on where and how to improve their current SDLC so the software they create is developed more secure by default. You will be working with various levels within an organization from developers to the C-suite.
+ Being a trusted advisor to the client as it relates to application security.
+ Becoming a mentor to others on the team within the Secure SDLC Practice.
Qualifications for success:
+ Demonstrate competency in application security governance including strategy, metrics, policy, compliance, and security education
+ Demonstrate competency in secure application design including threat assessment, security requirements, and secure architecture
+ Demonstrate competency in secure software development including DevSecOps, the build & deployment process, and defect management
+ Demonstrate competency in application security testing, architectural analysis, and the CICD pipeline
+ Demonstrate competency in secure application operations including incident management, environment hardening, and secure operations
+ Practical experience in development, architecture, and application security
+ 5+ years prior software development experience is required
+ 3+ years prior consulting experience is required
+ Understanding of software security architecture and design
+ Experience building Secure SDLC programs is a plus
+ Ability to assist in the strategic direction of the practice
+ Ability to travel up to 40% of the time to client sites
+ Ability to work with diverse and dynamic teams
+ Experience with Vericode, Fortify and/or Black Duck preferred
+ BA/BS degree preferred in computer science, engineering, math, statistics, or information systems
+ Prefer one or more of the following certifications: CISSP, CEH, OSCP, OSCE, GPEN, CPT, CSSLP
We don't expect people to be experts in every area but y ou will have to demonstrate expertise in a few so that we can fit you with the appropriate projects.
Things we like to see:
CVE's, links to your con presentation (or your con), tools, research papers, generally anything that can demonstrate you know your stuff when it comes to web and mobile applications.
If you are seeking a culture that supports growth, fosters success and moves the industry forward, find your place at Optiv! As a market-leading provider of cyber security solutions, Optiv has the most comprehensive ecosystem of security products and partners to deliver unparalleled services. Our rich and successful history with our clients is based on trust, serving more than 12,000 clients of varying sizes and industries, including commercial, government and education. We have the proven expertise to plan, build, and run successful security programs across Risk Management, Cyber Digital Transformation, Threat Management, Security Operations - Managed Services and Identity and Data Management.
With Optiv you can expect:
• A company committed to championing Diversity, Equality and Inclusion through Affinity groups including but not limited to, Women's Network, Optiv Pride, Black Employee Network, and Veterans Support Network.
• Work/life balance. We offer "Recharge" a flexible, time-off program that encourages eligible employees to take the time they need to recharge