Application Security Analyst

Application Security Analyst

Bring your talent and passion to Accenture – sharpen your skills, build an extraordinary career and play a key role in creating solutions that transform organizations and communities around the world.

We are a leading global professional services company, providing a broad range of services and solutions in strategy, consulting, digital, technology and operations. With more than 449.000 people serving clients in more than 120 countries, we drive innovation to improve the way the world works and lives.

We focus equally on employees’ development by creating a culture of excellence and offering extensive training programs that support professional growth.

Key Responsibilities:

• Work with clients to review security requirements and assess the security posture to identify gaps or improvements
• Consulting on and conception of solution modules for the secure design of applications, products and solutions of Accenture clients worldwide
• Participates in designated projects, developments or business initiatives, advising on information security risks
• Play an active role in developing security technical architecture design which supports a robust technology solution, taking into account the client business priorities, technical requirements and client specific security requirements
• Translate business processes in technical requirements and implementation
• Research and development in the field of IT security, including the topics of secure architectures, web security, cloud computing security and IoT
• Supports the development and implementation of the Data Protection Policy (including GDPR)
• Perform design and implementation security reviews
• Design and implement technical solutions to harden our clients’ platform

Basic qualifications:

• Successfully completed university studies in the field of computer science or engineering, preferably with a focus on IT security, cyber security or information security
• 2+ years of working experience in at least two of the following areas: Security Monitoring Implementation and Support, including Incident response (SIEM – ArcSight, Splunk, DLP etc.), Cyber Security (Enterprise Penetration Testing, Adversary Hunting, IoT/Embedded Security etc.), Infrastructure Security (IPS/IDS, NextGen Firewalls, VPN technologies, AntiSpam, Proxy,etc.), Identity and Access Management (Oracle Identity Management, Sailpoint IdentityIQ, Forgerock, Oracle Access Management, RSA etc.), Application Security (Data security & privacy, APIs Security, SSDLC, Threat modeling etc.)
• Sound knowledge and pronounced interest in IT security
• Experience in implementing security controls to improve system/platform overall security
• Current understanding of Industry trends and emerging threats
• Knowledge in security standards and regulations: NIST, ISO, PCI DSS, GDPR, PSD2
• Ability to work independently and pro-actively contribute in a global team environment
• Excellent interpersonal, organizational, documentation, and communication skills; able to concisely communicate security risks to both technical and business audiences
• Presentation skills with a high degree of comfort delivering presentations to both large and small audiences
• Understanding of applications, server, and network security and compliance requirements (including operational requirements needed to be GDPR compliant)
• Knowledge and experience with identifying and understanding the most common application security vulnerabilities (OWASP Top 10)

Nice to have:

• Previous technical background in:

• Web application development/ architecture or related fields
• JAVA, .NET, PHP, Ruby, Perl, Python and/or C/C++ experience

• Industry certification from vendors: ISC2, ISACA, GIAC, EC-Council, CompTIA, ITIL, Comptia Security +
• Knowledge in Risk and Compliance Management, Operational Models, Business Continuity Plan, Disaster Recovery Plan
• Solid understanding of network services, vulnerabilities, and attacks
• Knowledge of SIEM tools / Log Analysis
• Experience in security assessment for enterprise products using different tools, manual penetration testing methods and code review
• Experience in risk assessments in connection with GDPR requirements, including data security, security breach notifications, privacy by design and fair processing
• Understanding of emerging IoT/Mobile technologies and communications protocols
• Experience developing IoT solutions by getting hands one experience with devices and code
• Hands-on experience with IT security in the cloud environment as an architect, in development and/or operation, especially AWS and Microsoft Azure
• Previous experience in adjacent areas such as, Security Operations Center, Network Operations Center, System Administrator, Platform/Tool Support Engineer, IT Helpdesk support

Reasons for being our colleague:

- Continuous growth in a positive and multicultural work environment

- We take care to help you gain skills, knowledge and experience, together with highly marketable specialists

- Opportunity to work on complex projects for Global TOP Clients

- Competitive benefits package, including: meal vouchers, public transportation, medical services, private pension, life insurance, gym