OpenSky is a rapidly growing Professional Services organization that operates on the premise that highly skilled, smart, experienced, and energetic people are the catalyst of any successful enterprise. Our focus lies in delivering information technology (IT) services centered on infrastructure, security, and compliance requirements within our client’s environment. OpenSky’s proven consulting engagement methodology ensures timely delivery of critical technology initiatives. We offer uniquely objective solutions to our clients by providing a vendor-neutral response to complex hardware and software decisions. Our resultant response and delivery relies on qualified consultants that adhere to a project-based approach on every engagement.
At OpenSky, we have a passion for partnering with our customers on their most complex information technology projects. We encourage a spirit of collaboration and open communication with our customers, partners, consultants, and internal teams. Our values include customer-focused excellence, teamwork, open communication, and a sense of urgency in everything we do.
Our most recent accolades include:
- FOX/CT – 2013 Best Place to Work (our third consecutive year!)
- Sloan Award - Excellence in Workplace Effectiveness and Flexibility
- Named to CRN's 2013 Tech Elite List
- Named to Inc. 500 List of America's Fastest Growing Companies
About The Opportunity
OpenSky is looking for an experienced Application Security Consultant to assist clients in analyzing existing products and developing a secure application strategy. Our team evaluates, architects and designs innovative application security solutions to assist our customers with their Software Assurance Assessment, Secure Software Development, 3rd Party Risk Assessment and Static and Dynamic Scanning needs. This is an exciting opportunity to assist a client in the development of secure web products. Our ideal candidate would have come up through the ranks with applications development experience and is now at architect level and enjoys working with development teams on security strategy and solutions using industry best practices.
Responsibilities include:
- Recommend best in class application security strategies and architectures that align with business and compliance requirements.
- Drive developer working group discussions to gather understanding of current state.
- Recommend solutions, draft development security diagrams, standards and other documentation as necessary
- Gather requirements, evaluate current state, document target architectures and develop roadmaps that address security gaps.
About You
- Must have several years of application security experience.
- Background in some of the following technologies would be ideal: Java / J2EE, Node.js, C++, Perl,SQL.
- Prior experience in designing, coding highly available, scalable, reliable services.
- Familiar with source code scanning technology (e.g. AppScan, CodePro)
- Relevant professional qualifications / certifications (CISSP, CISM, CISA, CSSLP, SANS, CHECK, CREST) is a plus
- Good understanding of Information Security standards, frameworks and best practice (OWASP, ISO 2700x, ITIL, CoBIT).
- In depth understanding of SDLC processes and software development methodologies
- Excellent interpersonal skills
- Strong program and project management skills
- Strong judgment and decision-making abilities
- Ability to track and drive multiple projects independently
- Must possess a proactive work style with the ability to set priorities, work in a self-forming, autonomous work group
- Experience in design, development, test and support of application security solutions throughout all phases of SDLC
Apply Online::