Job Description

What We'll Bring: The TransUnion Cyber Security program seeks an application security consultant to help identify and mitigate application security vulnerabilities. This resource will serve on TransUnionxe2x80x99s application security team, where theyxe2x80x99ll perform core services that are essential to securing TransUnionxe2x80x99s business. The application security consultant should be well versed in multiple security domains with an emphasis on static code analysis and the ability to perform code reviews.Senior Information Security ConsultantAbout TransUnion:
TransUnion is a global information and insights company which provides solutions that help create economic opportunity, great experiences and personal empowerment for hundreds of millions of people in more than 30 countries. We call this Information for Goodxc2xae.TransUnion is a major credit reference agency and we offer specialist services in fraud, identity and risk management, automated decisioning and demographics. We support organisations across a wide variety of sectors including finance, retail, telecommunications, utilities, gaming, government and insurance.Wexe2x80x99re looking for a Senior Consultant to join our growing Information Security team. This role is a key member of the TU UK Security Team and reports into the UK Information Security Manager. The ideal candidate will have a strong technical security background, be able to work collaboratively and pragmatically with stakeholders from across the business and will possess a strong delivery mindset. They need to be willing and able to undertake multiple projects and prioritise them appropriately using their own initiative. The role provides fantastic opportunities to work across multiple security disciplines, with huge potential for individual growth and development.What You'll Bring:Remediation validations against prior findingsSemi-automated code reviewsStatic code analysisSoftware composition analysisInteractive application security testing (IAST) analysisConsult with developers and architects on secure developmentWork with application teams to communicate vulnerabilities, provide remediation guidance, demonstrate issues and work with developers to remediate and mitigate risksWork on and track tasks via TUxe2x80x99s ticketing systemProvide metrics related to your work on a bi-monthly basisHelp build and improve operational processesFamiliar with AWS/GCP and other cloud technologiesStay up to date on application security attack vectors and risksAbility to automate repetitive tasksImpact You'll Make:Requirements/Skills/Qualification5 - 10yrs relevant experienceExperience in multiple areas of Information SecurityExtensive experience in web application security testingExtensive experience in application securityExperience in performing secure code reviews (both automated and manual)Familiar with OWASP Top 10Familiar with development methodologiesExperience with one or more programming languagesAbility to automate repeatable tasksStrong verbal and written communication skillsWexe2x80x99d love to see:Development experienceExperience working in large enterprisesFamiliarity or experience with CI/CD pipelines and Agile methodologiesExperience working with AWS and cloud platformsOne or more of the following certifications (or similar): GPEN, GWAPT, GWEB, OSCP, CISSP, eCPPT, etc.Familiarity with tools such as Veracode, Checkmarx, Fortify, Burp, IBM AppScan, and BlackDuckIt is a requirement of the Global Capability Centre Africa that you reside in a home that is fibre ready; and has space for you to be able to work comfortably and confidentially on a day-to-day basis for the purpose of your proposed employment. You can be based anywhere in South Africa and will not be able to work in a location outside of South Africa.A Minimum of a 100 Meg Fibre line is required, should you be successful, you will need to upgrade your line in order to work effectively.If you haven't heard from us for 3 weeks, please consider your application unsuccessful.This is a remote position which may require occasional in-person attendance at work-related events at the discretion of management.TransUnion Job TitleSr Consultant, Information Security

TransUnion