Application Security Consultants - Application Security DevSecOps

An Application Security DevSecOps is responsible for the definition and implementation of cutting-edge automated lifecycle elements, such as application lifecycle management tooling, version control and branching strategies, continuous integration and continuous delivery pipelines, continuous code inspection, testing automation tools, environment management, infrastructure as code, and monitoring solutions.

The Application Security DevSecOps does that with a DevOps mindset, bridging together the needs of traditional development and operations teams in a sympathetic, collaborative way.

As a member of the Security Team, the Application Security DevSecOps will work in a collaborative environment where sharing skills and expertise is part of its DNA, cultivating a culture of security awareness to ensure security policies for applications, environments and systems are followed at all times.

Continuous learning is encouraged (and needed!) through our extensive training program, classroom/online courses from well-known providers and certifications., * Work with a team of architects and developers, operational leads, and functional owners to extend an application security program.

• Design and build an application integration secure framework.
• Propose proactive measures and new technologies to drive efficiency in securing client information assets.
• Champion the adoption of new technologies for security and drive the implementation into the environment.
• Create and update Agile user stories and epics to ensure security principles are present and tested, providing mentoring and skill set knowledge transfers to Scrum team members.
• Define security KPI's and measure program success, team success, client success.
• Assist with integration, implementation and administration of security systems.
• Actively participate to improve policies, security standards and procedures.
• Provide security training and technical guidance to less experienced team members and internal customers. Core Skills ("Must have")

Applicants must have Computer Science, Telecommunications or Engineering Degree or a related field, with experience in performing Application Security DevSecOps implementation., These are the main skills that an Application Security DevSecOps should demonstrate and exercise on a daily basis in order to fulfill its responsibilities and recurring tasks:

• Experience working with Agile methodologies such as Scrum or Kanban, and with a DevOps mindset.

• Technical security hands-on experience, integration and secure development/coding.

• Experience in Application Security Assessments, Application Security Strategy and Planning, taking part in all phases from the solution definition to the implementation.

• Experience with cloud infrastructure and platforms, being familiar with web application frameworks, API technologies, and micro services.

• Experience incorporating security processes and tools in life-cycle automation, continuous integration, continuous delivery, infrastructure and code, and monitoring.

• Experience with design, installation/development, & configuration of cyber-security solutions.

• Strong presentation skills valuable, while interacting with both technical and non-technical people, adapting the complexity of the vocabulary as required by the audience. Valuable Skills ("Nice to have") Although not all of them are required, breadth and depth of the following skills are positive valued for an Application Security DevSecOps role:

• Models and methodologies: Software development Waterfall, Agile methodologies such as Scrum or Kanban, and with a DevOps mindset.

• Technology Ecosystems: Strong on one or more of the most common languages and enterprise/web frameworks and services (Java, J2EE, C++, C#, .NET, JavaScript, Node.JS…), and comfortable in at least one scripting language (Python, Perl, Bash, PowerShell…).

• Development and Automation Tools: Experience in application building lifecycle (Maven, Gradle, Ant, Npm…) and automation (Chef, Puppet…).

• Continuous Integration & Continuous Delivery: Experience in automatization of CI/CD tasks in continuous release development DevOps environments (Jenkins, Ansible, Bamboo).

• Lifecycle management: Extensive use of change management technologies (SVN, Git…).

• Containers: Valuable knowledge on PaaS or containerized deployment architectures (OpenStack, OpenShift, Docker, Kubernetes…).

• Cloud Infrastructure: VMware, Microsoft Hyper-V, Microsoft Azure, Amazon Web Services, Google Cloud…

• Security standards: Experience with OWASP Testing Guide, OWASP TOP 10 and knowledge of other well-known security standards of the industry: OWASP-M, SEI CERT-J, SEI CERT-C, PCI, HIPAA and ISO 27001…

• Application Security standards: Experience with OWASP TOP 10, OWASP ASVS, CWE, MITRE, CAPEC, SANS 25. Valuable certifications

• CSSLP, OSCP, OSWE

Accenture, recognized as a Great Place To Work®, is a leading global professional services company that helps major businesses, public administrations, and other organizations around the world develop their digital core, optimize their operations, accelerate revenue growth, and improve services for citizens, creating tangible value at speed and scale. Would you like to be part of a team of over 19,000 cybersecurity specialists worldwide? Accenture has an opportunity for you to join our Cybersecurity team., Accenture is a leading global professional services company that helps the world's leading businesses, governments and other organizations build their digital core, optimize their operations, accelerate revenue growth and enhance citizen services-creating tangible value at speed and scale. We are a talent- and innovation-led company with approximately 791,000 people serving clients in more than 120 countries. Technology is at the core of change today, and we are one of the world's leaders in helping drive that change, with strong ecosystem relationships. We combine our strength in technology and leadership in cloud, data and AI with unmatched industry experience, functional expertise and global delivery capability. Our broad range of services, solutions and assets across Strategy & Consulting, Technology, Operations, Industry X and Song, together with our culture of shared success and commitment to creating 360° value, enable us to help our clients reinvent and build trusted, lasting relationships. We measure our success by the 360° value we create for our clients, each other, our shareholders, partners and communities. Visit us atwww.accenture.com Declaración de igualdad de oportunidades en el empleo Creemos que nadie debe ser discriminado por sus diferencias. Todas las decisiones de empleo se tomarán sin importar la edad, raza, credo, color, religión, sexo, origen nacional, ascendencia, discapacidad, condición de veterano militar, orientación sexual, identidad o expresión de género, información genética, estado civil, ciudadanía ni ningún otro criterio protegido por la legislación aplicable. Nuestra rica diversidad nos hace más innovadores, competitivos y creativos, lo que nos ayuda a servir mejor a nuestros clientes y comunidades.