Software Security & Privacy Consultant

Job description

Who we are & How we work

As a SIG consultant in the security & privacy team, you perform technical assessments, and you advise clients (from Developers to C-level).

You are involved in software quality in general, and your focus is on controlling security and privacy risks in mission-critical systems.

Working in the state of the art of this field, you play a central role in the world-leading analysis of source code, design and the development process.

You work in small teams during mostly short-term projects (mainly at our office in New York / working from home), by working with fellow experts and using special tooling.

Next, to analysing source code and design, part of your work is interviewing developers and architects, discussing your results with them in workshops and coaching them as part of long-term engagements.

Apart from this, you help to develop capabilities through R&D activities further.

Where you come in

Typically, your work will consist of :

• In-depth analysis of code and design strengthened with the best proprietary and third-party tools
• Technical workshops with (lead) architects and (lead) developers to understand the technological context, discuss and verify your findings
• Coaching development teams to help them build high standard security & privacy 'products'
• Presenting results and providing recommendations to the client
• Contributing to our methodologies and products with your ideas

You will receive rigorous training in the SIG proprietary toolset and methods. We will help you achieve your goals through continuous professional development and regular career progression sessions.

We are not looking for people who want a job. We are interested in people who want to change the world of software! SIG has high ambitions in making information technology successful.

What's in it for you

We offer you a unique opportunity to join us at the forefront of getting the software right. At SIG you can make a difference for the most prominent organisations and for critical software systems that have become important in our lives.

If you too believe that it is essential to do something about how software is engineered, to get it under control and to prevent serious incidents, then you can be at the heart of progress at SIG.

We offer a job with much variety, endless learning opportunities and access to unique knowledge. We have close academic relations, and our education level is high.

85% of our employees have university degrees, and about 30% have a PhD. Our organisation structure is flat, providing much room for your initiatives and ideas.

Requirements

Strong expertise on Software Development with a specialisation in "Secure Software Development" and a clear vision on typical topics (e.

g. OWASP ASVS, static analysis tooling, SecDevOps, threat modelling, privacy by design, cryptography)

• Knowledge of software security tools
• a few years in software engineering or code / design review
• Preferably you have evaluated software systems for vulnerabilities (e.g. pentest, code review)
• Strong opinion on software security / privacy and the ability to get this across
• Great team player, to help further grow the security and privacy practice
• Analytical and able to simplify complex issues
• Excellent command of English
• Willing to travel occasionally to perform on-site analysis
30+ days ago