Sunday , December 10 2023

Cyber Security Jobs in Norfolk (Deloitte) – Application Security Manager

Website Deloitte

Job Description:

Deloitte’s Cyber Risk Services help our clients to be secure, vigilant, and resilient in the face of an ever-increasing array of cyber threats and vulnerabilities. Our Cyber Risk practice helps organizations with the management of information and technology risks by delivering end-to-end solutions using proven methodologies and tools in a consistent manner. Our services help organizations to address, in a timely manner, pervasive issues, such as identity theft, data security breaches, data leakage, cyber security, and system outages across organizations of various sizes and industries with the goal of enabling ongoing, secure, and reliable operations across the enterprise.Work you will do

Job Responsibilities:

As a Solution Delivery Manager in the hybrid operate business, you are responsible for adhering to the defined operating procedures and guidelines in operating the application security services in the Managed Services model, which includes the following:

  • Involved in triaging and defect tracking process with the development team and helping the team to fix issues at the code level based on the priority of the tickets
  • Understand security architecture concepts including topology, protocols, components, and principles to perform threat modeling
  • Performing active monitoring and tracking of application related threat actors and tactics, techniques and procedures (TTPs), that could likely cause an impact to client organization
  • Understand application architecture controls & design based on security standards and regulations such as NIST, PCI-DSS, ISO etc.
  • Understand and be compliant with the Service Level Agreements defined for the DevSecOps services
  • Facilitate use of technology-based tools or methodologies to continuously improve the monitoring, management and reliability of the service
  • Well versed with the application deployment and configuration baselines, and understanding of how the application environment operates in a secure environment and how exceptions are handled during operations
  • Understand and deep knowledge of application security engineering principles, and helping client’s development team and function to follow secure development practices which includes primarily monitoring and performing the security design review, architecture review, threat modeling, security testing, secure code review, secure build processes
  • Perform manual and automated security assessment of the applications
  • Be a liaison between the Application development and infrastructure team, and integrate the processes between infrastructure monitoring and operations processes with the secure development/testing and management processes
  • Identifying, researching and analyzing application security events which may include emerging and existing persistent threats to the client’s environment

Job Requirements:

  • Must have cloud security specialization in Security
  • Knowledge of one or more scripting languages for automation and complex searches
  • Knowledge and experience of OWASP Top 10, SANS Secure Programming, Security Engineering Principles
  • Bachelor’s in computer science or other technical fields
  • Hands on experience in penetration testing of mobile, desktop and web applications
  • Experience on Web application firewalls such as Kona
  • Experience with application monitoring, Managed Services business primarily on DevOps, Threat and Vulnerability Management for Application infrastructure, source code verification, link analysis, and threat modeling;
  • Certification such as SANS GIAC, ISC2 CSSLP, OSCP
  • Ability to research and characterize security threats to include identification and classification of application related threat indicators
  • Hands-on experience in performing code review of dot Net, Java and Swift and objective C code
  • Experience in collecting, analyzing, and interpreting qualitative and quantitative data from defined application security services related sources (tools, monitoring techniques etc.)
  • Investigative and analytical problem-solving skills;
  • Must have experience in writing custom exploitation scripts and utilities
  • Knowledge of cloud environments and deployment solutions such as server less computing

Job Details:

Company: Deloitte

Vacancy Type:  Full Time

Job Location: Norfolk, VA, US

Application Deadline: N/A

Apply Here