About the Role
This role is responsible for ensuring that all systems meet rigorous security standards before production release. You will act as a critical gatekeeper by validating security controls, verifying remediation outcomes, and enforcing secure deployment practices across applications and cloud environments.
Key Responsibilities
- Execute end-to-end pre-production security validation (security tollgates) for new systems and major architectural changes
- Perform hands‑on verification of SAST, DAST, and infrastructure scan findings to ensure critical vulnerabilities are properly remediated
- Validate infrastructure hardening across servers, containers, and databases using CSPM tools and industry standards such as CIS benchmarks
- Review and confirm implementation of key protection mechanisms including Web Application Firewalls and DDoS mitigation controls
- Coordinate penetration testing activities, review findings with stakeholders, and ensure recommended fixes are effectively implemented
- Verify compliance with project‑specific security requirements such as encryption, access controls, and data protection measures
- Provide formal security approval for production releases, with authority to halt deployments when risks are not adequately mitigated
- Collaborate closely with engineering and operations teams to enforce security standards while maintaining delivery timelines
Required Qualifications
- Strong understanding of application security, including OWASP Top 10 vulnerabilities and secure coding principles
- Deep knowledge of cloud security risks and misconfigurations across major platforms, as well as network security controls such as WAF and DDoS protection
- Hands‑on experience with security tools such as Snyk, SonarQube, Wiz, Burp Suite, Veracode, or AWS Security Hub
- Ability to analyse Infrastructure as Code templates, container configurations, and application code for security gaps
- Proven experience validating remediation efforts and conducting re‑testing using security scans and validation scripts
- Strong attention to detail and ability to enforce security standards with confidence and professionalism
- Excellent stakeholder management skills with the ability to balance security requirements and business objectives
Preferred Qualifications
- Experience working within DevSecOps or secure SDLC environments
- Familiarity with penetration testing methodologies and vulnerability management lifecycle
- Knowledge of compliance frameworks and security benchmarks (e.g., CIS, NIST)
- Relevant security certifications such as CEH, OSCP, or CSSLP
Equal Employment Opportunity Statement
All employment decisions shall be made without regard to age, race, creed, color, religion, sex, national origin, ancestry, disability status, veteran status, sexual orientation, gender identity or expression, genetic information, marital status, citizenship status or any other basis as protected by federal, state, or local law.
Job candidates will not be obligated to disclose sealed or expunged records of conviction or arrest as part of the hiring process.
Accenture is committed to providing veteran employment opportunities to our service men and women.
