Application Security Senior Consultant – Anywhere USA – Full time

Roznos Enterprises LogoThe Application Security Practice of AT&T Consulting Solutions is looking for qualified persons to join its

team of world-class security professionals. This position will be focused on providing guidance around

application security considerations to our portfolio of Fortune 500 clients, conducting security

assessments of applications hosted and deployed on a wide range of platforms and languages, and work

with the practice leadership to keep abreast of developments in the application security space from

both a technical and a policy/process/procedure/compliance perspective.

Key job responsibilities will include:

 Perform application security reviews, penetration tests, and code-level reviews

 Consult with application owners on application vulnerabilities and security best practices

 Follow standard methodologies and develop new and innovative processes.

 Focus on results and work within tight timelines.

 Demonstrated ability to learn and apply critical thinking to a variety of situations.

Required Qualifications

 3-5 years of experience conducting web application security reviews

 Expertise in web application vulnerabilities and security best practices

 Knowledge of network and application design, support and development

 Experience with the following Web Assessment tools: BURP Suite PRO, APP Scan, and other

tools as needed.

 BS in CS, Engineering, Information Systems or equivalent.

 Experience performing penetration testing at the network layer

 Experience performing secure code reviews on common languages and experience with tools

such as Fortify 360 or AppScan Source Edition

 Understanding of web application protocols (HTML, HTTP, XML, etc.)

 In depth understanding of SDLC models and approaches

 Experience coding with C/C++, Java, .NET or other programming and scripting languages

 Excellent communication (written and oral) and interpersonal skills

 Strong organizational, multi-tasking, and time-management skills

 Ability to travel

Additional Qualifications

 Active security clearance a big plus

 Application development experience a plus

 Mobile application security experience a plus

 Consulting experience is a plus

 CISSP or other security certifications

 Governance, regulatory or controls experience

 Understanding of software development methodologies such as waterfall, Rational Unified

Process and Agile software development

 Understanding of information security and available security tools and technologies


  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: