This boutique security consultancy are committed to assisting businesses and organizations in enhancing their overall security posture. They specializes in offering tailored advice and guidance to improve the security of applications, products, and systems across various industries.
They will place a strong emphasis on your continuous learning and innovation, so you can give the clients the most up-to-date and effective security advice while advancing your career.
The ideal candidate will have a passion for cybersecurity, specifically in the area of application security, and a willingness to learn and grow in a fast-paced environment.
What's in it for you:
- Flexible work arrangements
- A supportive and collaborative work environment
- Ample opportunities for professional growth and development
- The chance to contribute to open source projects and engage with the cybersecurity community
- Competitive salary and benefits package
Your day to day:
- Assist in delivering billable engagements, including but not limited to Application Security advisory, DevSecOps consulting, threat modeling, secure code review, white box penetration testing, application security maturity assessment, software security governance, risk and compliance, and policy development
- Contribute to the development of internal collateral, such as training materials, best practice guides, and template
- Write engaging and informative blog posts to showcase our expertise and educate the community
- Support internal projects to ensure Jepsec remains the cybersecurity partner of choice for our current and future clients
- Participate in continuous learning and professional development, including contributing to open source projects, conducting research, and engaging with the cybersecurity community
- Collaborate effectively with team members and clients to achieve project objectives.
What we are looking for:
- Basic understanding of application security principles and best practices
- Strong analytical and problem-solving skills
- Excellent written and verbal communication skills
- Comfortable with talking to stakeholders in a variety of technical, management, and executive roles
- Eagerness to learn and grow in the field of application security
- Familiarity with at least one programming language (e.g., Python, C#, JavaScript)
- Knowledge of common web application vulnerabilities and secure coding practices
- Familiarity with DevSecOps principles and tools
- Relevant certifications - such as OSCP, CSSLP, CISSP
- Experience with penetration testing tools and methodologies;
- Experience with enterprise cloud environments - such as AWS or Azure
- Knowledge of common security standards and frameworks - such as ISO, NIST, CIS, OWASP.
If you are interested in applying, please send me your updated CV, a cover-letter or dot-points about how your experience and key achievements relate to this opportunity.
Feel free to provide a capability statement / demonstrated examples to optimize your application for better results.
Don’t hesitate to give me a call on 0452 564 644 if you have any questions.
Cheers,
Kris@decipherbureau.com