View all jobs


You can apply at the link below as well:
​Salary: Please submit an application and we'll email you the salary info.

The Cyber Risk Programs-App Cert Consultant III, will primarily provide services to clients related to assessing application security through a programmatic approach while also validating security controls related to an application’s software development life cycle. The position will also be expected to support Cyber Risk Program clients. The Consultant will provide leadership, coaching, and mentoring to a team of Professional Services Cyber Security Consultants and others, responsible for the delivery of the Cyber Risk Programs (CRP), Application Security Certification Program, and Cloud Security Risk Assessment Program.

  • Schedule assessments that are consistent with contractual requirements.
  • Conduct assessments and deliver reports that are consistent with contractual requirements.
  • Speak with and present to technical teams as well as C level executives.
  • Write technical reports and interpret results.
  • Validate controls according to industry standards and best practice.

You have a deep background and experience with understanding how to quantify application security threats, risks & vulnerabilities and business impact variables, and how to prioritize risk initiatives based on business need, compliance & regulatory requirements, and risk reduction. You are a security expert in application security testing and control validation while willing to support other teams delivering security services we offer on a global basis.

You'll need to have:

  • Bachelor’s degree or four or more years of work experience.
  • Four or more years of relevant work experience.
  • Experience delivering and leading technical services in cyber security governance, risk, and compliance, audits & assessments, or support & delivery of IT/Cyber security services, methods and practices.
  • Experience in IT/Cyber Application Security.
  • Experience with Governance, Risk & Compliance assessment/audit role.
  • Knowledge of Application Security, Risk & Compliance with ability to adapt and map to multiple other frameworks.
  • Industry Certifications of at least one or more related to application security such as GWAPT, OSWE, GWEB, GMOB, GXPN.
  • Industry Certification of CISSP, CISM, and/or CCSP.
  • Experience in translating information security controls, policies and requirements into actionable operational policies, processes & procedures and cyber security technology solutions.
  • Valid Driver’s license.
  • Willingness to travel both domestically and internationally up to 25% of the time.

Even better if you have one or more of the following:

  • Masters in a relevant subject matter such as Cyber/Application Security.
  • Multiple industry recognized IT Security Certification / Certificates from SANS, ISACA, ISC (2), CSA vendors specific to Risk Assessments, Auditing & Risk Management, Cloud Security, Application Security, Vulnerability Management, Financial & HealthCare industry security and penetration testing.
  • Excellent communication and presentation skills, and comfortable and competent in presenting to both technical engineers and to “C” level executives.
  • Experience with security controls, security and risk frameworks and tools/platforms such as Unified Compliance Frameworks, Alyne, ISO, NIST, VERIS, OWASP, FFIEC, FAIR, etc. and mapping of risk assessment activities to multiple risk and compliance frameworks.
  • Experience in delivery or supporting large & complex global cyber security enterprise networks.
  • Public speaking experience and skills in developing and presenting cyber security topics to a diverse audience both in person and via “virtual” means such as web conferencing.
  • Business or service design, development or scripting/programming experience.
  • Strong level of experience with standard office applications such as Google Suite, Microsoft Office Suite, Slack, video/web conferencing tools and platforms.
KP Recruiting Group was started to create a world-wide network of multi-level, highly skilled talent; that are either experts or working to become one, in their respective fields. Our process involves focusing on the talent, skills, and experience of an individual as a key indicator of the present and future value that they will bring to any organization.

In establishing a network, we are able to forge genuine relationships with talent and gain valuable insight that allows us to understand what motivates them. This data allows us to give strategic advice to our partners as they go through the process of managing their human capital.

See our jobs and apply here: https://kprecruitinggroup.catsone.com/careers/7781-General

Powered by