IntroductionIn this role, you'll work in one of our IBM Consulting Client Innovation Centers (Delivery Centers), where we deliver deep technical and industry expertise to a wide range of public and private sector clients around the world. Our delivery centers offer our clients locally based skills and technical expertise to drive innovation and adoption of new technology.Your Role and ResponsibilitiesThe successful candidate will perform application security assessments, code reviews, and Software Development Life Cycle (SDLC) security consulting in a customer environment. The candidate will be responsible for identifying specific and systemic security issues within applications and the application development and lifecycle maintenance process, and will also be a resource for the client in establishing and expanding the base of client knowledge in the area of application security. Projects may include:Executing SAST, DAST, IAST testingPerforming application Threat Modeling using STRIDE, Attack Trees, PASTA or VASTEstablishing DevSecOps and "Secure by Design" processesPerforming application security risk assessmentsCreating gap analysis and client improvement program recommendationsRequired Technical and Professional ExpertiseGood experience in Cybersecurity, specialized in Application Security or secure development.Knowledge in common application code review methods and standards.Knowledge in application development and coding in modern languages.Knowledge in OWASP tools and methodologies.Knowledge in standard Software Development Life Cycle (SDLC) practices.Experience in Application Security.Experience in IT and/or software development.Nice to have to be certified in CISSP, CEH, and/or CSSLP.Fluency in English.Preferred Technical and Professional ExpertiseMicrosoft Azure certification.GCP certification.CSSLP.#J-18808-Ljbffr