Associate Consultant Cyber Security at Wavestone advising clients on security strategies and IT transformations. Engaging in Cyber Security assessments and growing expertise in security topics.
About the role
- Cyber Security Engineer working with product teams to embed security in development lifecycle. Design, implement, and manage security controls across cloud infrastructure and application architectures.
Responsibilities
- Partner with product engineering teams to embed security practices into the software development lifecycle, from design through deployment.
- Define and maintain security patterns for common platform components (APIs, services, identity, secrets, data storage).
- Provide actionable remediation guidance for engineering teams, aligned to business risk and delivery timelines.
- Manage and triage findings across: SAST / SCA Container and artifact scanning Secret scanning DAST (where applicable) Malware Cloud security posture and configuration findings.
- Drive consistent risk scoring, prioritization, and remediation tracking aligned to SLAs.
- Validate fixes through testing and evidence-driven verification.
- Integrate security tooling and controls into CI/CD pipelines with a focus on automation and developer usability.
- Improve pipeline outcomes by reducing false positives and creating security guardrails that scale.
- Build automation and scripts for security testing, enforcement, metrics, and reporting.
- Assess and advise on security controls for: IAM and access policies Network segmentation and security groups Encryption and key management Logging and monitoring.
- Assist in root cause analysis and drive remediation actions that prevent recurrence.
- Contribute to security standards, runbooks, and operational readiness.
Requirements
- 7+ years in security or IT roles.
- 3+ years of hands-on experience in cybersecurity engineering, product security, DevSecOps, or secure platform engineering.
- Strong understanding of common application security risks and mitigations (OWASP Top 10, secure coding patterns).
- Experience integrating security scanning into CI/CD pipelines (GitHub Actions, GitLab CI, Jenkins, Azure DevOps, etc.).
- Working knowledge of cloud security fundamentals (AWS, Azure, or GCP).
- Experience in at least one scripting/programming language (Python, Go, Java, JavaScript/TypeScript, or similar).
- Ability to communicate security risk clearly and pragmatically to engineering teams and technical leadership.
Benefits
- Health & Wellbeing
- Personal & Professional Development
- Unconditional Inclusion
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
IT Administrator contributing to the digital future at NewTec. Planning, implementing security solutions and collaborating closely with departments.
Director of Security Strategy & Transformation responsible for enterprise security strategy. Partnering with technology leaders to manage risk and drive business objectives in a US tech company.
Content Manager at FactSet developing and operating a cross - asset security master. Supporting teams to ensure accurate identification across various financial instruments with a focus on data governance and quality.
Sr. Software Engineer developing Cyber Security applications for Comcast. Collaborating with stakeholders and overseeing documentation and performance metrics.
Cyber Security Engineer developing and maintaining the Premonition platform for global cybersecurity operations at Comcast. Implementing AI and data engineering solutions for enhanced security workflows.
Junior Infrastructure Security Design Consultant at NTT DATA Romania assisting with security architecture documentation and various cybersecurity tasks. Requires 1 - 3 years of IT security experience and a bachelor's degree.
EHS Facilities & Security Leader overseeing safety and security operations for TAVS at GE Aerospace. Responsible for EHS strategy, leadership, and compliance across multiple sites.
Security Engineering Operations Coordinator assisting VP of Security Engineering at Cross River IT. Supporting technical teams and ensuring smooth operations in a hybrid model.
Security Architect defining security architecture standards for new Enterprise Architecture initiatives at Intelance. Collaborating with various architects and stakeholders to ensure pragmatic security designs.