Application Code Review Security Consultant

ManpowerGroup Middle East

Riyadh, Saudi Arabia

Ref: HP647-1543

Job description / Role

Employment: Full Time

Our client an IT company is looking for a Application Code Review Security Consultant.

Position is based in Riyadh.

- Lead source code security engagements.
- Be seen by the customer as the trusted advisor and security expert.
- Drive growth from the existing engagement. In this role you are one of the foremost experts in Application Source Code Security Reviews.
- Should have experience in manual and automated source code reviews and ability to work alone and as part of team.
- Expected to drive, demonstrate IT Security leadership, and be able to interface with various levels of customers.
- Participate in internal assessments, open-source, Secure Software Assurance Assessments.
- Support Vulnerability and Penetration Testers during the assessments.
- Conduct periodic engagement and knowledge sharing forums with technology teams and various risk/security SMEs.
- Support the development of security standards and best practices that will facilitate a consistent security profile across the organization.
- Lead/contribute to the development of security tools and process reference models that will enable security professionals and application developers to efficiently incorporate security solutions/controls into new projects.
- Identify, assesses and document technical requirements for information/data and advise development teams on options, risks, costs vs. benefits.

Requirements

- Experience in an IT Risk organization or equivalent experience in risk and security processes with experience in the following areas Threat Modeling, Application Security Controls (e.g .OWASP Top (10), Authentication and Authorization, and Vulnerability Management, SDLC methodologies (AGILE, Waterfall).
- Experience of Static and Dynamic source code analysis tools such as Veracode, IBM Rational AppScan, HP Fortify, Whitehat, etc.
- Broad knowledge of various technology products and infrastructure services. Experience with Java, n-Tier technologies, enterprise databases, Mobile technology (wireless, IOS, Android, Blackberry), UNIX and Windows Server and Desktop OS, Web/Middleware (Apache, Tomcat, IIS, JMS/MQ), and (1) or more of the following languages:.NET, #C, C/C++ programming, and Virtualization technology, Network (Firewall, Load Balancing, Web Application Firewalls, Accelerators), Source Code Analysis and Review.
- Basic understanding of technology concepts, for example, firewall basics (layer 7 firewall versus network layer firewall), OSI stack, Proxy technologies, Active Directory/LDAP basics, asymmetric / symmetric encryption, IT Disaster Recovery and IT Resiliency testing, VPNs, SSL, Secure SDLC, Authentication protocols (e.g. Kerberos), Authorization (fine grained versus coarse grained), DMZ, understanding of OWASP top 10 and source code vulnerabilities (e.g. CSS, SQL injection, Directory traversal), IDS/IPS (host and network based), defect management, change management assurance, database technologies and concepts (e.g. DDL, DML, encryption options, compartmentalization (containers), etc).
- Excellent communication and influencing skills, with demonstrable ability to debate issues, stand firm on principles yet remain sensitive to business/technology drivers.
- Highly motivated, comfortable taking the initiative and able to work collaboratively.
- Strong written and oral communication skills, including guiding difficult conversations.
- Strong organizational skills and the ability to coordinate multiple parallel work streams.

About the Company

We lead in the creation and delivery of innovative workforce solutions and services that enable our clients to win in the changing world of work.

ManpowerGroup powers the success of many of the world's most dynamic organizations. We deliver innovative workforce solutions that enhance competitiveness, increase efficiency and spur productivity. Combining global reach with local expertise - 3600 offices in over 80 countries - we know the changing world of work and bring a deep understanding of the companies we work for and the industries we service.

ManpowerGroup entered the Middle East in December 2007 after acquiring local company Clarendon Parker, thus bringing 15 years in-depth local knowledge combined with a global footprint and industry shaping expertise and thought leadership. Manpower Middle East supports clients in the Middle East and North Africa regions. Our business is aligned to key skill specializations to ensure our clients requirements are met by expert and knowledgeable consultants that understand your industry and role requirement.

Our consultants are experts in finding the right talent across all industries in a broad-range of occupations including:

  • IT & Telecommunications
  • Engineering & Construction, Oil & Gas
  • Banking, Finance & Legal
  • Sales & Business Development
  • Marketing, Public Relations & Communications
  • Human Resources & Training
  • Customer & Support Services (Secretarial and Administrative)
  • Operational, Supply Chain & Logistics
  • Executive Recruitment
  • Emiratization Solutions
  • Recruitment Program Outsourcing Solutions
  • Managed Service Provider Solutions
  • Talent Based Outsourcing Solutions
  • Outsourced Staffing Solutions

Get personalised updates on latest vacancies
Job Alerts by Email
  • Personalised updates on latest career opportunities
  • Insights on hiring and employment activity in your industry
  • Typically sent twice a month
Payroll Accountant salaries in Qatar

Average monthly compensation
QAR 19,500

Breakdown available for industries, cities and years of experience