Security Consultant

Apply for this job ▸
Security Consultant2020-02-05T22:29:31-05:00<p><em>Are you passionate about positively influencing others to be aware of the role they play in making our information secure, and what that means to them in their day to day work? If yes, then read on!</em></p> <p>We’re looking for an experienced security consultant working out of our Singapore office. This is indeed a hands-on tech oriented position. Of course, you'll need to know about the standard security stuff, but it is also critical you are able to work with delivery teams as well as networks &amp; infrastructure support teams. Even as a security consultant, we speak the language of software developers and work collaboratively with them to reduce risks related to code development, system architecture and infrastructure. </p> <p><strong>You'll spend time on the following:</strong></p> <ul> <li>Provide security design, consultation and technology governance oversight for various projects and initiatives.</li> <li>Work with delivery teams to identify security requirements and vulnerabilities in the solutions we develop.</li> <li>Provide assistance to system users relative to information systems security matters.</li> <li>Act as information liaison to various business units and information technology departments.</li> <li>Act as a security enabler for direction, training and guidance for the various roles.</li> <li>Develop and maintain supporting documentation (policies, process, standards and procedures) to support ThoughtWorks’ Information Security Framework.</li> </ul> <p><strong>Here's what we're looking for:</strong></p> <ul> <li>Minimum of 3 years' experience in Application Security, Secure Code Review and/or Penetration Testing</li> <li>Good understanding of secure coding standards to mitigate OWASP Top 10 vulnerabilities and SANS TOP 25 programming errors</li> <li>Knowledge in one or more software development technologies like Java, J2EE, AngularJS, NodeJS, JavaScript</li> <li>Experience and working knowledge of any of the tools such as HP Fortify, Checkmarx, Veracode</li> </ul> <p><strong>It'll be a bonus if you have: </strong></p> <ul> <li>Technical background in software development and/or DevSecOps</li> <li>Knowledge of Threat Modelling using STRIDE and DREAD standards and Design Review </li> <li>Familiarity with Penetration Testing of web/mobile applications </li> </ul> <p><strong>Regardless of what you do at ThoughtWorks, you’ll always have the opportunity to:</strong></p> <ul> <li>Think through hard problems, and work with a team to make them reality.</li> <li>Learn something new every day.</li> <li>Work in a dynamic, collaborative, transparent, non-hierarchal, and ego-free culture where your talent is valued over a role title.</li> <li>Travel the world.</li> <li>Speak at conferences.</li> <li>Write blogs and books.</li> <li>Develop your career outside of the confinements of a traditional career path by focusing on what you’re passionate about rather than a predetermined one-size-fits-all plan.</li> <li>Be part of a company with Social and Economic Justice at the heart of its mission.</li> </ul> <div> <p><strong>Not quite ready to apply? Or maybe this isn’t the right role for you?</strong></p> </div> <div> <p>That’s OK, you can stay in touch with <a href=";utm_medium=jd&amp;utm_campaign=access-thoughtworks" target="_blank" data-saferedirecturl=";q=;source=gmail&amp;ust=1527062844618000&amp;usg=AFQjCNH-d9OFRKlnhqNNjMM8fC6D2Uax4w">AccessThoughtWorks</a>, our learning community (tick 'contact me about recruitment opportunities' to hear about jobs in the future).</p> <p style="color: white;">#LI-SEA</p> </div>ThoughtworksSingaporeSingapore