*STA Application Security and Identity & Access Management Specialist*

This role is being recruited as part of the proposed Security Joint Venture between CyberCX and Accenture

Who are we?

Accenture is a global professional services company with leading capabilities in digital, cloud and security. Find out more about us at www.accenture.com. 

Role Overview:

This role focuses on ensuring the security and integrity of enterprise-level applications and systems by leveraging expertise in Application Security, Identity & Access Management, Network & Infrastructure Solutions, and Security Testing & Assurance. The ideal candidate will design and implement robust security solutions, conduct extensive security testing, and support identity and access management initiatives to protect and maintain organizational systems.

Key Responsibilities:

Application Security:

• Assess application security vulnerabilities using manual and automated security testing tools (e.g., SAST, DAST, IAST, RASP).

• Develop and implement secure coding practices, guidelines, and policies.

• Remediate application vulnerabilities pertaining to OWASP Top 10, SANS Top 25, and other critical threats.

• Work closely with development, DevSecOps, and IT teams to integrate security practices into the Software Development Lifecycle (SDLC).

Identity and Access Management (IdAM):

• Implement, maintain, and improve Identity and Access Management (IAM) platforms such as Okta, Ping Identity, ForgeRock, Microsoft Active Directory, or similar tools.

• Design and configure Role-Based Access Control (RBAC), Policy-Based Access Control (PBAC), and fine-grained access policies.

• Support Privileged Access Management (PAM) solutions to ensure secure access to critical systems and safeguard sensitive information.

• Lead identity proofing, authentication, federation, and single-sign-on initiatives.

Security Testing & Assurance:

• Conduct security assessments, audits, penetration tests, and vulnerability scanning across web applications, APIs, and IT infrastructure.

• Design and execute testing strategies, including black-box, white-box, and grey-box testing.

• Prepare detailed reports documenting findings, potential risks, and mitigation recommendations.

• Promote continuous security improvement through a combination of prevention, detection, and response strategies.

Network & Infrastructure Solutions:

• Design and implement secure network architectures, including firewalls, intrusion prevention systems (IPS), VPNs, and micro-segmentation strategies.

• Ensure compliance with industry standards and organizational security requirements for network infrastructure.

• Monitor and analyze network traffic, investigating abnormal activities and potential security breaches.

Risk Management and Compliance:

• Map technical solutions to frameworks such as ISO 27001, NIST Cybersecurity Framework, GDPR, SOX, PCI-DSS, or HIPAA.

• Collaborate with compliance teams to implement recommendations aimed at mitigating risks and closing security gaps.

• Support the development and enforcement of enterprise information security policies and standards.

Collaboration and Stakeholder Engagement:

• Provide subject matter expertise and guidance to cross-functional teams in adopting secure technology solutions.

• Lead technical workshops and collaborate with internal and external stakeholders during security assessments.

• Support incident response activities by integrating security solutions with monitoring, logging, and automated response systems.

Preferred Experience:

• 5+ years of professional experience in Application Security, Identity & Access Management, and IT Security Testing.

• Proven experience working with cloud-based platforms like AWS, Azure, or GCP.

• Familiarity with container security tools like Docker, Kubernetes, or similar technologies.

• Experience with automation and scripting languages such as Python, Bash, PowerShell, or equivalent.

• Operate as a trusted advisor in the realm of security, providing cutting-edge solutions to safeguard business-critical applications and infrastructure.

• Collaborate and interact with multidisciplinary teams to foster a secure technological enterprise environment.

• Opportunities for professional growth and certifications in the cybersecurity domain.

Required Skills and Competencies:

• Expertise in Application Security, including secure coding practices and risk mitigation techniques.

• Proficiency in Identity and Access Management (IAM) tools and software, including SSO, RBAC, and PAM.

• Deep understanding of TCP/IP, DNS, VPNs, firewalls, switches, network segmentation, and security tools.

• Experience conducting end-to-end security testing, including vulnerability assessments and penetration testing.

• Knowledge of cryptographic protocols, application-layer firewalls, and security monitoring solutions.

• Strong analytical and problem-solving skills.

• Excellent communication and interpersonal skills for technical and non-technical stakeholders.

• Ability to work in agile environments and coordinate with multidisciplinary teams.

• Demonstrated commitment to maintaining the highest ethical standards in tackling cybersecurity threats.

• Knowledge of industry standards, security regulations, and risk management concepts.

Qualifications and Certifications:

• Bachelor’s or Master’s Degree in Computer Science, Cybersecurity, Information Technology, or a related field.

• Certifications (preferred):

  • Certified Information Systems Security Professional (CISSP)

  • Certified Ethical Hacker (CEH)

  • CompTIA Security+

  • Identity Management Institute Certifications (CIMP/CIGA)

  • Certified Cloud Security Professional (CCSP)

  • Offensive Security Certified Professional (OSCP)

Benefits of working at Accenture:

·       18 weeks paid parental leave

·       Long & short-term career break opportunities

·       Structured career development program

·       Local and international career opportunities.

·       Certified as a Family Inclusive Workplace™

·       Flexible Work Arrangements - centered around Accenture’s Truly Human ethos and our commitment to supporting the health and wellbeing of our people.

·       We are proud to be in the top 3 of last year’s Diversity & Inclusion Index!

We are a WORK180 Endorsed Employer, to see our benefits and policies click here

All our consulting professionals receive comprehensive training covering business acumen, technical and professional skills development. You’ll also have opportunities to hone your functional skills and expertise in an area of specialization. We offer a variety of formal and informal training programs at every level to help you acquire and build specialized skills faster. Learning takes place both on the job and through formal training conducted online, in the classroom, or in collaboration with teammates. The sheer variety of work we do, and the experience it offers, provide an unbeatable platform from which to build a career. 

Accenture is a an EEO and Affirmative Action Employee of Females/Minorities/Veterans/Individuals with Disabilities. 

Equal Employment Opportunity Statement for Australia and New Zealand:

At Accenture, our intention is to foster a culture and a workplace in which all of our people feel a sense of belonging and are respected and empowered to do their best work. 

We encourage applications from all people with the relevant skillset, and we are committed to removing barriers to the recruitment process and employee lifecycle. All employment decisions shall be made without regard to age, disability status, ethnicity, gender, gender identity or expression, religion or sexual orientation and we do not tolerate discrimination. If you require any accommodations or adjustments for interviews and/or at work, please reach out to exectalent@accenture.com or contact us at +61 2 9005 5000 (Australia) or +64 44666056 (New Zealand). 

Learn how Accenture protects your personal data and know your rights in relation to your personal data. Read more about our Privacy Statement.