Application Security (DevSecOps) Consultant

Job Description & Summary

We are looking for experienced consultants who are passionate about cyber security in our digital world and specifically security of digital products.Our team enables a more secure society by helping international and local organizations improve their security. 

What you are going to do

Together with over 150 professionals in the Netherlands, you could work on leading and cutting edge projects with a focus on Application Security/DevSecOps, helping clients define and implement measures to build security into their development processes and manage security risks arising from utilized software. You help ensure that the right measures are in place for security of different applications utilized in client organizations (COTS, internally developed, SaaS, etc).

You recognize yourself in the following

• Strong experience working with development teams to integrate security practices within development processes, including excellent understanding of the inherent technical and organizational challenges and innovative approaches for addressing them
• Strong knowledge of Agile secure software development lifecycle practices including threat modeling, security user stories, security testing, build validation etc;
• Solid experience working with application security controls and tools (DAST, SAST, SCA etc) as part of a DevOps pipeline
• Knowledge of application security vulnerabilities and experience with remediation processes for related issues
• Understanding of DevOps practices, tooling (Jenkins, Chef, Git, Docker, Kubernetes, etc) and relevant security issues
• Excellent communication skills, both orally (conversations, discussions, presentations) and written (drafting and writing of sound reports in which findings are succinct and clearly communicated, appropriate to the target group and tailored to the needs of the client)
• Good knowledge of the following: OWASP SAMM; OWASP ASVS; BSIMM; NIST SSDF. 

What do we offer you

We believe in the power of an inclusive culture and we want everyone to feel free to be themselves. We offer access to a PwC global network, where you can exchange knowledge, ideas and questions with experienced professionals regarding Cyber Security and other disciplines. We also offer you:

• numerous training sessions and courses that contribute to your personal and professional development, 
• an appropriate salary and extensive employment conditions, including a well-being budget. This is a personal annual budget of € 1.000 to spend on your health, for example on mindfulness, sport, lifestyle coaching, wellness, and noise-cancelling headphones;
• a fully equipped, ergonomic home office with a second monitor;
• a monthly internet allowance;
• a lease car/car allowance, laptop and iPhone; 
• 32 holiday days per year; 
• hybrid working at the client, at home and at the office;
• the possibility, within standard working hours, of focusing on Corporate Responsibility, various networks, diversity, innovation and/or recruitment;
• Very exciting activities, including drinks get-togethers, a Christmas party, and a skiing weekend. (During the COVID-19 pandemic, you can count on online events).

Getting started at PwC

Are you enthusiastic? Send us your CV and a covering letter explaining why you’re applying and why you’re the right person for this position. Click on the red button and apply immediately!

After we’ve received your application: 

• You’ll immediately receive a confirmation in your inbox;
• We’ll contact you within two weeks for a short introductory meeting;
• If everyone is enthusiastic, then we’ll schedule an online assessment.