Application Security Consultant

Accenture Overview

We are a global collective of innovators applying the New every day to improve the way the world works and lives. Help us show the world what's possible as you partner with clients to unlock hidden value and deliver innovative solutions. Empowered with innovative tools, continuous learning, and a global community of diverse talent and perspectives, we drive success in a new business architecture that disrupts conventional practices. Our expertise spans 40+ industries across 120+ countries and impacts millions of lives every day. We turn ideas into reality.

ACCENTURE SECURITY

Accenture Security delivers continuous, rapid-fire innovation and new business capabilities that meet -and redefine-the needs of the digital era. You'll help our clients-including 94 of the Fortune 100 and governments around the world-transform their technology infrastructures using resources that range from cloud, data centers, and workplace to networks, security, and managed services.

• Lead efforts to develop proposals and evangelize/market/sell solutions in the Secure Application Development domain
• Partner with Leaders and Account Team members to support innovation, growth, and business development activities
• Cultivate opportunities to grow business from existing client engagements
• Oversee the health and successful delivery of client engagements
• Help clients achieve the benefits that Application Security, DevSecOps, and a Shift Security Left methodology can offer
• Leverage skills, experience, and subject matter expertise to serve clients in a consultative role as well as in a technical capacity
• Assist with the design, development, and rollout of Application Security programs, capabilities, and practices that typically involve the integration of security into build automation, deployment automation, test automation, SDLC orchestration, environment management, monitoring, metrics, dashboards, and production release procedures
• Drive adoption of relevant Secure Application Development principles, tools, and practices to help clients achieve higher levels of maturity
• Mentor, coach, supervise and develop team members
• Provide knowledge transfer and earning opportunities for team members to enhance their skills and experience
• Promote a Secure Application Development culture in our clients and within Accenture
• Lead efforts to identify, interview and hire talented professionals into the Secure Application Development domain

• Minimum of 3 years of experience managing medium to large-sized IT teams and IT projects
• Minimum of 2 years of experience working with secure development methodologies and tools, such as SAST, SCA, DAST, and/or Penetration Testing Tools
• Minimum of 2 years of experience leading DevOps-based software development teams that involved
  • Working in an Agile development environment, with an end-to-end understanding of the SDLC
  • DevOps CI/CD tools such as Git, Jenkins, Ant/Maven/Gradle, Nexus/Artifactory, SonarQube, Puppet/Chef/Ansible, etc.
  • Application container tools and technologies such as Docker, Kubernetes, Image Registries, or equivalent cloud services

• The candidate is not expected to have all the skills listed in this category, but the items on this list are a definite bonus

• Solid understanding of the end-to-end secure software development life cycle (S-SDLC)
• Familiar with one or more software security frameworks and maturity models such as OWASP, NIST, BSIMM, OpenSAMM, etc.)
• A strong desire to facilitate and pursue training, education and certifications that support professional growth as a Subject Matter Expert (SME) in Application Security

• Degree/experience requirements: A Bachelor of Science Degree in a technical concentration (Math, Engineering, Computer Science, Cyber Security) is preferred, but candidates with non-technical degrees or without degrees will be considered by demonstrating extensive relevant experience in Information Technology and Security which supports expertise in the skills needed to execute this role.
• Ability to travel up to 100%, but more typically Monday through Thursday at client locations (when business travel resumes - current work is 100% remote)
• Solid understanding of the end-to-end secure software development life cycle (S-SDLC)
• Experience designing, developing, deploying, and securing web and cloud-native applications
• Experience with Lean, Agile, and DevOps methodologies
• Experience with DevOps CI/CD tools, capabilities, and security integrations.
• Experience with one or more Infrastructure as Code tools and technologies such as AWS CloudFormation Templates, Azure Resource Manager Templates, Google Cloud Deployment Manager Templates, OpenStack Heat, Terraform, Ansible, etc.
• Experience performing application security assessments that involve threat modeling, security testing, and vulnerability management and remediation
• Experience with at least 1 of the following: Amazon Web Services, Microsoft Azure, Google Cloud Platform
• Cloud Certification (Practitioner, Security, Developer, Architect)
• Industry-recognized certification in security (e.g., CISSP, CSSLP, CASE, CEH, etc.)
• Bonus - Experience with one or more of the following technologies: cloud computing, Infrastructure-as-Code, application containers (Docker, OpenShift or equivalent, image registries), container orchestration (Kubernetes, Docker Swarm or cloud equivalent), container security tools (Aqua Security, Twistlock, NeuVector, jFrog Xray, Clair, Sysdig, etc.), microservices, identity and access management, secrets management (such as Hashicorp Vault)