Deloitte Cyber Risk Application Security Consultant in Boston, Massachusetts
Are you interested in working in a dynamic environment that offers opportunities for professional growth and new responsibilities? If so, Deloitte could be the place for you. This is an unparalleled time of change with new information security challenges arising each day. Our team of Cyber risk professionals bring industry experience, confidence, and technical knowledge to help our clients tackle those unique challenges. If you are seeking a role that offers exposure to enterprise-level software implementations and variety to your day-to-day routine while allowing you to develop personally and professionally, consider a career in Deloitte Advisory's Cyber practice.
Work you will do
The responsibilities of an Application Security Consultant are broad and may vary depending on your level of experience and skills. Responsibilities include but are not limited to:
Performing security software architecture review and threat modeling
Advising and implementing secure software architecture patterns
Performing application security program-level assessments leveraging industry preferred practices
Modernizing application security program through DevSecOps program implementation
Scanning / testing modern apps at code, container, Kubernetes, API and cloud layer
Designing and automating application security leveraging CI/CD pipelines
Communicating security concepts to non-security clients such as developers, architects, engineers, business executives
Extracting pain points from the clients and solve them through planning, managing, execution and communicating with clients
Remediating security vulnerabilities working directly with clients
Representing Deloitte's technical, business, and professional values to customers, partners, and peers.
BA/BS Degree in Computer Science, Cyber Security, Information Security, Engineering, or Information Technology
1+ years of experience in software or security consulting
1+ years of experience in software development using Java, Microsoft .NET, or C/C++
1+ years of experience using build tools (e.g. ant, make, maven, msbuild, nant, etc.)
1+ years of experience in developing and/or deploying Web applications
1+ years of experience with multiple operating systems
1+ years of experience in enterprise security or application security
1+ years of experience in IT operations (e.g., incident handling, NOC, SOC, etc.)
CSSLP, CISSP, CISA, CCP MCP/MCSE or SANS certifications
Ability to travel 50%, on average, based on the work you do and the clients and industries/sectors you serve
Limited visa sponsorship may be available
Fundamental understanding of software, computer, and network architectures.
Highly motivated, competitive, entrepreneurial and attracted to challenging opportunities.
Demonstrates the ability to work in a fast-paced environment where organizational skills are essential.
Has strong problem solving, analytical, interpersonal, and ownership skills.
Possess excellent collaboration skills with a wide variety of internal team members.
Is an intelligent, self-starting, self-confident individual with integrity and accountability.
Possess strong written, verbal and presentation skills.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.