Managed Application Security SME

  • 13th month + holiday allowance
  • 20 + 12 holidays
  • Hospitalization and group insurance
  • Bonus program
  • Training & learning opportunities
  • Green mobility program
  • Flexible rewards program
  • Eco-cheques
Apply now

Selected candidates would be primarily responsible to support Managed Application Security offering and services in Europe. It involves a wide range of activities from capability assessment, through managed services design including technology. Key focus will be on service delivery and ongoing maintenance of relevant processes and technologies.

This role supports solution architects designing strategic deals or owns multiple components of large complex deals. Supports the solution reviews with various stakeholders including meetings with the client team presenting the solution and offerings and  understanding client needs and requirements. Works on building the win strategy and the cost model for the solution and support response content creation collecting inputs internally and externally.

The role will help to implement client Managed Application Security capabilities to enable secure product development. Help with design, build, deploy and maintain secure services within their defined scope of products, systems, and team.  And ensures that the products and systems delivery process it’s self is secure enough (for example so that intellectual property is protected). This will involve managed security services security in the whole software lifecycle from inception, design, threat modelling, development, testing and releasing them, to operating and protecting them. In order to do so, the role will be responsible for defining the security requirements and policies of their in-scope team and working closely with the Agile Scrum teams to help ensure they are understood and implemented appropriately.

Computer Science, Telecommunications or Information Security Master Degree or a related field and full professional proficiency in English is required. Experience with SW development, DevOps, Secure SLDC and Application Security Testing is required. Experience in other fields of Information Security (Pentesting, Security Architecture, Infrastructure Security) is desired.

Applicants must have experience in managing people and projects with multidisciplinary and geographically dispersed teams. Applicants are expected to exhibit proactive behaviour, propose improvements and innovations and provide constructive feedback.

Key Responsibilities:

  • Manage teams, projects and relationship with clients on daily basis
  • Manage project finances and work assignment and allocation
  • Participate in business development and sales activities (including responses to RFPs)
  • Lead offering development and contribute to innovation activities as a Subject Matter Expert
  • Contribute to the internal professional community
  • Perform quality assurance of services provided to the client
  • Provide advisory to different groups (Technology, Developers, Digital Transformation, etc.)
  • Define and execute training program for different teams
  • Define managed application security service lifecycle for large projects and teams
  • Define applications security architecture elements
  • Define documentation of security requirements for applications (web, mobile, host, SOA, etc.).
  • Definition of KPI and KRI related to managed application security services
  • Work with senior management on defining roadmaps, needs and provide short and mid-term forecasting
  • Collaborate with clients to define best approach to maximize the security posture

Qualifications:

Education:                                                      

  • Master Degree in Computer Science, Telecommunications or Information Security
  • Certifications such as CSSLP, CISSP, CEH, OSCP, CISM, etc. are preferred
  • Certifications from application security testing vendors (ex: SAST,  DAST, SCA) are beneficial

Work Experience:       

  • 3+ years of experience in Application Security Testing

Work Requirements:                                      

  • Willing to travel and attend meetings/workshops on client premises and work from client premises within the country or abroad

Knowledge/Skills Requirements:

  • Has a passion for Application Security
  • Experience in management and definition of security in the software development lifecycle (SDLC)
  • Working knowledge of Waterfall, Agile and primarily DevOps development methodologies
  • Knowledge of conducting security checks (static and dynamic code analysis, vulnerability analysis in applications and penetration tests, security component analysis)
  • Understanding of security testing of virtualization and container technologies (Docker, OpenShift, …)
  • Experience with OWASP Testing Guide v3 / 4 and OWASP TOP 10
  • Experience in Web and Mobile applications and common vulnerabilities
  • Knowledge of SOA security
  • Knowledge of the WS-Security standard
  • Knowledge of security in mobile applications (REST security, JSON, OpenID, OpenAuth, WebToken, SSO)
  • Knowledge of security in micro-services is valuable
  • Vulnerability Management and Vulnerability Lifecycle experience
  • Client focus
  • Communications skills including the ability to understand client process in any area in detail
  • Excellent coordination and communication skills
  • Business writing skills (capturing needs and writing it down on formal documents)
  • Reliable and with attention to detail
  • Ability to work alone and bring results
  • Leadership and coordination skills for teams and projects, role will manage customer expectations & deadlines and will participate on business activities
  • Coaching and people development skills
Apply now

Application process

We believe it is crucial that you know where you stand during your application, and what the next steps are. Our process is short - but thorough - and we'd like to get to know you, and see if we are a great fit. Please connect with our recruiters in case of questions.

Apply

Found a fitting vacancy or role? Great! Apply by sending in your CV and cover letter and let's get started. Contact our recruiters in case of questions, they are here to help and guide you.

First Interview

During the interview, we'd love to get to know you and see if there is a match with our brand and brand values. We will discuss your ambitions and past experiences and tell you all you want to know about the role.

Second Interview

In the second interview, our senior management would love to get to know you. We will continue to discuss your ambitions, past experiences and we can answer any question you have about the position and work at Accenture.

Offer

If we are all happy to proceed after the interviews, we'd like to make you an offer to join Accenture. We hope we can welcome you soon as a new colleague!

Onboarding

We'd like to welcome you to Accenture and are excited that you have accepted our job offer and agreed upon your start date. You will meet all the other new joiners and continue your career at Accenture.

Let's Connect

Sara Zapisek