Descripción Del Puesto

Accenture is seeking Application Security Testing professional to be assigned to its office located in Madrid, Barcelona or Málaga (Spain).
An Application Security Testing professional analyzes a given situation to determine which security testing approaches are most likely to succeed, implements them and evaluates its effectiveness.
Also demonstrating the attacker mentality by discovering key information about a target, performing actions in a protected environment that a malicious person would perform and understand how evidence of the attack could be deleted.
As a member of the Security Team, the Application Security Testing professional will work in a collaborative environment where sharing skills and expertise is part of its DNA, cultivating a culture of security awareness to ensure security policies for applications, environments and systems are followed at all times.
Continuous learning is encouraged (and needed!) through our extensive training program, classroom/online courses from well-known providers and certifications.
Applicants must have Computer Science, Telecommunications or Engineering Degree or a related field, with experience in performing Application Security Testing.
Selected candidates will take part in Application Security and other Security projects in global & leading companies operating different markets.

#GoSecurity

MÁS INFO


Qualifications

These are the main skills that an Application Security tester should demonstrate and exercise on a daily basis (not all of them are required):
Experience in conducting security checks (static, software composition and dynamic analysis, vulnerability analysis in applications and application penetration tests), analyzing test results, documenting risks and recommending countermeasures.
Security knowledge in web applications and common vulnerabilities.
Knowledge of security in micro-services and Single Page Applications is valuable.
Develop and document security evaluation test plan and procedures.
Assist in researching, evaluating, and developing relevant Information Security policies and guidance.
Actively participate in or lead technical exchange meetings and application review boards, documenting actions items/results of these events.
Develop, assemble, and submit testing results reports that document testing activity and results to support the creation of risk assessments and approval packages.
Assess/calculate risk based on threats, vulnerabilities, and shortfalls uncovered in testing.
Experience in testing APIs security (also related with mobile applications).

Detailed skill list
For each skill category, exemplar methodologies, tools or platforms are provided as guidance. Although not all of them are required, breadth and depth of skills are expected, and will be valued, for an Application Security Testing role:
Technology Ecosystems: General knowledge in at least one of the most enterprise-used programming languages as Java/C# .NET, C/C++, Javascript, PHP, Ruby/Perl/Python, Java Android/Kotlin, Objective-C/Swift, Powershell…
Dynamic Application Analysis Tools (DAST): Experience with at least one of the following dynamic application analysis solutions: Burp Suite, Postman, MobSF, Qualys, Acunetix, Nessus, Webinspect…
Static Code Analysis Tools (SAST): Experience with at least one of the following static code analysis solutions: Checkmarx, Veracode, Kiuwan, Fortify, SourceClear, BlackDuck, Nexus, SonarQube…
Software Composition Analysis Tools (SCA): Experience with at least one of the following Software Composition Analysis solutions as Dependency-Check, SourceClear and/or WhiteSource…
Authentication and authorization: Valuable Knowledge on SOA security and security focused on mobile applications (REST, JSON, OpenID, OAuth, WebToken, SSO).
Security standards: Experience with OWASP Testing Guide, OWASP TOP 10 and knowledge of other well-known security standards of the industry: OWASP-M, SEI CERT-J, SEI CERT-C, PCI DSS…
Application Security standards: Experience with OWASP TOP 10, OWASP ASVS, OWASP MASVS, CWE, MITRE, CAPEC, SANS 25.
Valuable certifications: CSSLP, OSCP, OSWE…

Responsibilities
Application Security Testing professional duties and responsibilities of the role will be:
Help managing a group of people and projects.
Definition, implementation and execution of security testing processes into software development life cycle.
Validation of applications security architecture elements.
Documentation of security requirements for applications (web, mobile, SOA, etc.) alignment with security testing processes.
Obtain and validate measurement of KPI and KRI related to security in applications.
Build PoC with clients to determine best security testing tools to be applied.
Vulnerability lifecycle management on client environment.
Collaborate with clients to define best approach to maximize the security posture.
 

#GoSecurity

Todas las decisiones de empleo se tomarán sin importar la edad, raza, credo, color, religión, sexo, origen nacional, ascendencia, grado de discapacidad, estado de veterano, orientación sexual, identidad o expresión de género, información genética, estado civil, estado de ciudadanía o cualquier otro motivo o circunstancias protegidas por las leyes federales, estatales o locales.
Actualización Covid-19: La seguridad y el bienestar de nuestros candidatos, nuestra gente y sus familias sigue siendo una prioridad absoluta para nosotros. Hasta que las restricciones de movilidad lo permitan, las entrevistas continuarán realizándose virtualmente. 

La Vida en Accenture

Trabaja donde te sientas inspirado para explorar tus pasiones, donde tu talento se potencie. Innova con las tecnologías más punteras del mercado trabajando en los proyectos más innovadores que puedas imaginar.

image

AMBIENTE DE TRABAJO

Da lo mejor de ti mismo cada día trabajando en un ambiente de trabajo que potencia la innovación en todo lo que haces.

image

FORMACIÓN Y DESARROLLO

Tómate tu tiempo para formarte y desarrollarte ya sea en nuestros centros regionales de aprendizaje, a través de las aulas conectadas, cursos online o paneles de aprendizaje.

Ver todas

Acerca de Accenture

Nuestros más de 600.000 profesionales en más de 120 países combinan una experiencia inigualable y conocimientos especializados en más de 40 industrias. Impulsamos el cambio para crear valor y éxito compartido para cada uno de nuestros clientes, personas, accionistas, socios y comunidades.

Ver todas

Mantente al día

Únete al equipo

Busca ofertas de empleo que coincidan con tus habilidades e intereses. Buscamos personas proactivas, curiosas, creativas con ganas de trabajar en equipo.

Mantente Conectado

Recibe alertas de trabajo, las últimas noticias y consejos de expertos adaptados a tus preferencias. Descubre qué oportunidades profesionales tenemos para ti.

Ver todas