Technical Consultant - Application Security

CTG is seeking to fill a Technical Consultant – Application Security position for our client.

Location: Remote
Duration: 12 months

Duties:
• Provide expert guidance to clients on application security challenges, risks, and vulnerabilities across complex application portfolios.
• Integrate security controls and guardrails throughout the Software/Application Development Lifecycle, including Design, Build, and Deployment phases.
• Lead and execute threat modeling activities to identify potential attack vectors and recommend proactive security measures.
• Implement and operationalize Secure SDLC and DevSecOps practices across cloud and multicloud environments.
• Conduct application security testing, assess findings, and determine remediation priorities.
• Drive application security vulnerability management, including the analysis of high-risk vulnerabilities, formulation of mitigation plans, and reduction of false positives.
• Support application modernization initiatives by embedding security practices across Cloud AppSec, IaaC, and DevSecOps processes.
• Advise on application security strategy and architecture for Azure, AWS, and GovCloud environments.
• Collaborate with cross-functional teams, including developers, cloud engineers, and architecture groups, to ensure secure design and implementation.
• Prepare documentation, dashboards, and reports summarizing security posture, metrics, and remediation activities.

Skills:
• Proficiency in Cloud Application Security, DevSecOps practices, and Infrastructure-as-Code security.
• Strong understanding of Azure, AWS, and GovCloud security architectures and services.
• Hands-on experience with application security testing tools and automation frameworks.
• Strong knowledge of threat modeling methodologies and secure coding principles.
• Ability to analyze complex security vulnerabilities and define actionable mitigation plans.
• Familiarity with CI/CD pipelines, cloud-native development, and container security.
• US Citizenship required.

Experience:
• Demonstrated experience in application security engineering, consulting, or DevSecOps roles.
• Experience integrating security within modern application development and cloud environments.
• Experience supporting multicloud application modernization initiatives.
• Background in security vulnerability analysis, triage, and remediation coordination.

Education:
• Bachelor’s degree in Computer Science, Information Security, Engineering, or a related field preferred.
• Relevant certifications (e.g., CEH, GWAPT, GCSA, CSSLP, or cloud security certifications) are advantageous.

Excellent verbal and written English communication skills and the ability to interact professionally with a diverse group are required.

CTG does not accept unsolicited resumes from headhunters, recruitment agencies, or fee-based recruitment services for this role.

The expected base salary for this position ranges from $50.00 to $120.00 per hour. Salary offers are based on a wide range of factors including relevant skills, training, experience, education, market factors, and where applicable, licensure or certifications obtained. In addition to salary, a competitive benefits package is also offered.