Skip to main contentA logo with &quat;the muse&quat; in dark blue text.
EPAM Systems

Application Security Consultant

Kyiv, Ukraine

Striving for excellence is in our DNA. Since 1993, we have been helping the world's leading companies imagine, design, engineer, and deliver software and digital experiences that change the world. We are more than just specialists, we are experts.

EPAM is committed to providing our global team of 36,700+ EPAMers with inspiring careers from day one. EPAMers lead with passion and honesty and think creatively. Our people are the source of our success and we value collaboration, try to always understand our customers' business, and strive for the highest standards of excellence. In today's new market conditions, we continue to support operations for hundreds of clients around the world remotely, with the vast majority of our teams working from home. No matter where you are located, you'll join a dedicated, diverse community that will help you discover your fullest potential.

Want more jobs like this?

Get jobs in Kyiv, Ukraine delivered to your inbox every week.

By signing up, you agree to our Terms of Service & Privacy Policy.


DESCRIPTION
As an Application Security Consultant you will be responsible for leading the team that will implement Application Security program on, establishing secure SDLC process and secure architecture.
Responsibilities
  • Lead and coordinate Security Audits for on-going projects: (from Architecture, Process, Risk and Testing etc.)
  • Work as a Security Consultant helping to establish secure development activities in SDLC end-to-end, be able to provide clarifications related to security in development
  • Perform Application Security Trainings for Development Teams
  • Contribute to building Secure Architecture and Design for the projects
  • Communicate with customers and teams, be able to convey the message about importance of Secure Software development Life Cycle, the ways of establishing it
  • Cooperate with all sub-teams: BAs, Developers, Qas; build consistent understanding of Security Requirements, main Threats, Mitigations implemented
  • Be able to communicate and coordinate work with other Security Teams - Infrastructure Security Experts, Penetration Testers
Requirements
  • 3+ years of professional experience in the field of Software Development
  • Passion to develop in the field of Security
  • Understanding of at least one Security Development methodologies (e.g. Microsoft SDL, OWASP OpenSAMM, BSIMM etc.)
  • Understanding of main Security-related activities in development such as Security Requirements gathering, Risk Assessment, Threat Modeling, Security Code Review
  • Understanding of security threats, their classification
  • Understanding of most common implementations of the Threats (e.g. XSS, SQL Injection, XSRF, buffer overruns, brute force, rainbow tables, DoS etc.) and how they match the general classification
  • Understanding of main security concepts and principles
  • Understanding of main areas of protection and levels of defense
Nice to have
  • Familiarity with the tools for various security activities: Static Code Analysis, Pen Testing, Intrusion Detection/Prevention etc
  • Knowledge of Security Features and Mechanisms provided by at least one OS and development platform/technologies
  • Understanding of mitigation mechanisms for every type of threats
  • Familiarity with existing security standards and regulations experience of requirements implementation
  • Understanding of basic principles of infrastructure security and penetration testing
  • Ability to use the tools to perform actual attacks is a plus
  • Certification in any security area is a plus
We offer
  • Competitive compensation depending on experience and skills
  • Individual career path
  • Unlimited access to LinkedIn learning solutions
  • Social package - medical insurance, sports
  • Compensation for sick lists and regular vacations
  • English classes with native speakers (certified English teachers)
  • Flexible work hours
Apply

Job ID: EPAM-53645
Employment Type: Other

This job is no longer available.

Search all jobs