Principal AppSec Consultant

2 days ago Be among the first 25 applicants Direct message the job poster from RiverSafe Recruitment Manager @ RiverSafe: Helping to grow a company #cybersecurity #devops #appsec The Role The Principal Application Security Consultant is a senior-level role responsible for leading and improving application security strategies, conducting security assessments and providing expert guidance on secure development practices. This role involves working closely with development teams, security engineers and business stakeholders to integrate security into the software development lifecycle (SDLC), mitigate risks and ensure compliance with security standards. Skills Strong knowledge of application security vulnerabilities (OWASP Top 10, CWE, SANS 25). Hands-on remediation support and vulnerability management expertise. Hands-on experience with threat modelling and secure code reviews. Experience with Mobile Application Security and API Security. Familiarity with security tools (Burp Suite, Fortify, Checkmarx, Veracode, ZAP, etc.). Experience with cloud security (AWS, Azure, GCP) and container security (Docker, Kubernetes). Ability to conduct maturity assessments and gap analysis. Familiarity with RASP technology as well as traditional security tools like SAST or DAST. Excellent communication skills to engage with developers, executives and clients. Experience in consulting and working with multiple clients on application security projects. Certifications: CISSP, OSCP, GWAPT, CEH, CSSLP, or other relevant security certifications. Seniority level Mid-Senior level Employment type Full-time Job function Information Technology Industries Computer and Network Security, IT Services and IT Consulting, and Software Development #J-18808-Ljbffr