Software security & privacy consultant

Job description


Who we are & How we work

As a consultant in the security & privacy team you take part in technical assessments and you advice clients (from Developers to C-level). You are involved in software quality in general and your focus is on controlling security and privacy risks in mission-critical systems. Working in the state of the art of this field, you build your work on world leading analysis of source code, design and the development process. You work in small teams during projects. These range from one-off assessments to a multi-year application landscape monitoring service.

Your work takes place in our office in Amsterdam and sometimes on customer location, in the Netherlands or abroad. You engage with decision makers as well as developers and architects, discussing your results with them in workshops and coaching them as part of long-term engagements. Apart from this, you help to further develop capabilities through R&D activities.

You will work closely with other SIG colleagues on projects for our customers, and you will often be leading the engagements with the customers. In the role of lead consultant you are the primary contact for the customer, and you can also develop business further with your customers.


Where you come in

Typically, your work will consist of:

·Being the trusted advisor to our senior clients

·Presenting results and providing recommendations to the client;

·Workshops with architects and developers to understand the technological context and discuss findings and recommendations;

·Involvement in analysis of code, architecture, documentation and design;

·Understanding the business context and larger application landscape;

·Coaching development teams to help them build security & privacy in;

·Business development with your customers;

·Contributing to our methodologies and products with your ideas.

You will receive rigorous training in the SIG proprietary toolset and methodologies. We will help you achieve your goals through continuous professional development and regular career progression sessions.

We are not interested in people who are just looking for a job. We are interested in people who want to change the world of software! SIG has big dreams in making information technology successful.


What's in it for you

We offer you a unique opportunity to join us on the forefront of getting software right. At SIG you can make a difference for the biggest organisations and for critical software systems that have become important in our lives. If you too believe that it is essential to do something about how software is engineered, to get it under control and to prevent serious incidents, then you can be at the heart of progress at SIG. We offer a job with much variety, continuous learning opportunities and access to unique knowledge. We have close academic relations and our education level is high. 85% of our employees have university degrees and about 30% have a PhD. Our organisation structure is flat, providing much room for your initiatives and ideas.  


.Strong expertise on Software Development with a specialization in "Secure Software Development" and a clear vision on typical topics (e.g. OWASP ASVS, static analysis tooling, MS-SDL, threat modelling, privacy by design, cryptography)

·Knowledge of software security tools

. Experience with secure code reviews

·2+ years in software engineering

·Strong opinion on software security/privacy and the ability to get this across

·Comfortable with discussing IT subjects at management/C-level

·Experience with leading project teams

·Great team player, to help further grow the security and privacy practice

·Analytical and able to simplify complex issues

·Excellent command of English and preferably Dutch

·Preferably you have evaluated software systems for vulnerabilities (e.g. pentest, code review)

·Willing to travel occasionally to perform on-site analysis