Why does security matter?
Today’s cyber security threats are realistic, causing major financial losses and reputational damage. Leading organizations to invest more controls and manage their risks to ensure optimal protection against potential data breach.
An enterprise leader providing solution for telecommunication organization, is required to protect firstly its IP, reputation and ensuring required protection for their customers, aligned with contractual requirements.
Having the proper Secure Software Development Life Cycle (S-SDLC) is becoming essential for projects development and solutions deployment, allowing to have the certainty of proper security safeguards, proper communication and understanding of potential risks and required mitigations.
The role of the Security Consultant for S-SDLC
Information security consultant for S-SDLC will work closely to build, implement and governing security from day one to production and follow best practices. A solid development background and have progressed to be a security expert. The ability to keep up to date on all new security challenges and work with our teams to develop protection mechanism.
Perform application security assessments including architecture review, threat modeling. Assist and enable R&D teams to adopt secure development practices. Provide software security advice and issues to resolution to cross-functional teams including product, engineering, and services.
2 years of software security experience, conducting threat analysis and design review from complex software products.
Expertise in building, implementing and governing security policies, becoming a single point of contact of security in all S-SDLC tasks, challenges, and requirements.
Supporting secure development related activities and generating value (examples can be shared).
Awareness, risk visibility and challenges solving approach.
Knowledge with security scanning tools like Black Duck, Fortify, Checkmarx, OWASP ZAP etc.