To apply for this job you must first either login or register

Principal Consultant (DevSecOps)

Ontario  - Permanent

Job Description

As a Principal Consultant (DevSecOps), you will help lead and grow the Application Security Advisory business. You will help build business cases, identify new opportunities with customers, and drive the overall strategic direction of our services. You will advise customers on enterprise-wide application security programs, including secure software development process and best practices across the SDLC. You will be responsible for running a customer’s entire Application Security program, including managing consultants and client staff. You will work across the country, on client sites with our key stakeholders, to deliver quality through being face to face with your customers.

**Please note there is a 60-70% travel requirement for this role.

Soft Skills
• You are smooth with C-level executives, speaking in front of boardrooms and summarizing engagement milestones and budgetary information.
• You are convincing in translating technical language into business solutions that executive stakeholders can latch on to.
• You love working with customers, helping solve big problems, and charming stakeholders across enterprise entities.
• You believe in quality deliverables and are a true professional.
• You understand that security is there to enable the business.
• You are comfortable with non-standard work hours and working remotely.
• Ultimately, you know how to Get Things Done.

Special Perks:

• Regular company events.
• Innovative and respectful work environment.
• Time and budget for Learning and Growth
• Encourage interaction with the security community by participation in security events such as conference and local chapter meetings.
• Flexible work environment

Must Have Skills:

Technical Skills
• 8+ years of experience in an information security role focused on application security and secure SDLC.
• Expertise in SAST (e.g. Fortify, Checkmarx, etc.) tooling including triage and code review.
• Expertise in DAST (e.g. WebInspect, AppScan, etc.) tooling including triage.
• Experienced with leading a team in best practices of AppSec tooling within a CI/CD environment including development and deployment tools.
• Expertise in the leading, execution and delivery of information security engagements.
• Expertise in advising customers on application security including business process gaps, implementing recommendations, and helping achieve buy-in within enterprise organizations.
• Ability to analyze root causes and deliver strategic recommendations during client reviews.
• Experience with security governance processes, vendor management, or development.
• Ability to work internationally is an asset.
• CISSP, CSSLP, or GIAC certifications is an asset.

Education (Bachelors Degree in the following disciplines preferred)
• Software engineering
• Computer science/electrical engineering
• IT/system and network administration
• Other applicable engineering disciplines

Starting: ASAP
To apply for this job you must first either login or register