Software security&privacy consultant

Job description



Who we are & How we work

As a SIG consultant in the security & privacy team you perform technical assessments and you advice clients (from Developers to C-level). You are involved in software quality in general and your focus is on controlling security and privacy risks in mission-critical systems. Working in the state of the art of this field, you play a central role in world leading analysis of source code, design and the development process. You work in small teams during mostly short-term projects (mainly at our headquarters in Amsterdam), by working with fellow experts and using special tooling. Part of your work is interviewing developers and architects, discussing your results with them in workshops and coaching them as part of long-term engagements. Apart from this, you 

help to further develop capabilities through R&D activities.


Where you come in

Typically, your work will consist of:

  • Technical workshops with lead architects and lead developers to understand the technological context and discuss your findings
  • In-depth analysis of code and design in the SIG certified laboratory
  • Coaching development teams to help them build security & privacy in
  • Presenting results and providing recommendations to the client
  • Contributing to our methodologies and products with your ideas

You will receive rigorous training in the SIG proprietary toolset and methodologies. We will help you achieve your goals through continuous professional development and regular career progression sessions.

We are not interested in people who are just looking for a job. We are interested in people who want to change the world of software! SIG has big dreams in making information technology successful.


What's in it for you

We offer you a unique opportunity to join us on the forefront of getting software right. At SIG you can make a difference for the biggest organisations and for critical software systems that have become important in our lives. If you too believe that it is essential to do something about how software is engineered, to get it under control and to prevent serious incidents, then you can be at the heart of progress at SIG. We offer a job with much variety, continuous learning opportunities and access to unique knowledge. We have close academic relations and our education level is high. 85% of our employees have university degrees and about 30% have a PhD. Our organisation structure is flat, providing much room for your initiatives and ideas.  


Requirements

Requirements

  • Strong expertise on Software Development with a specialization in "Secure Software Development" and a clear vision on typical topics (e.g. OWASP ASVS, static 
analysis tooling, MS-SDL, threat modelling, privacy by design, cryptography)
  • Knowledge of software security tools
  • 3+ years in software engineering
  • Strong opinion on software security/privacy and the ability to get this across
  • Comfortable with discussing IT subjects at management/C-level
  • Great team player, to help further grow the security and privacy practice
  • Analytical and able to simplify complex issues
  • Excellent command of English and preferably Dutch
  • Preferably you have evaluated software systems for vulnerabilities (e.g. pentest, code review) •    Willing to travel occasionally to perform on-site analysis