Application Security Specialist (regular/senior) (She/He/They)

The Cyber Security team, part of Accenture Security, assists clients in securing hybrid environments and applications at every stage of the software development lifecycle, ensuring that the principles of 'Security by design' and 'Security by default' are followed, thereby integrating security into the SSDLC process.  

THE WORK:

• Collaborate closely with architecture, product, and development teams to embed security principles from the earliest stages of the Software Development Life Cycle (SDLC), following a security‑by‑design and shift‑left approach.
• Perform application and system security assessments in accordance with recognized industry standards and frameworks, including OWASP ASVS, OWASP Top 10, OWASP API Top 10, CWE Top 25, and other relevant security best practices.
• Design, implement, and govern security controls across the SDLC and SSDLC, ensuring consistent application of secure coding standards, security gates, and automated security testing.
• Conduct security architecture reviews for end‑to‑end solutions, including hybrid, cloud‑native, containerized, microservices‑based, and event‑driven architectures.
• Analyze and assess the security of application code, APIs, infrastructure‑as‑code (IaC), CI/CD pipelines, and supporting platforms.
• Support the design of modern, secure development environments, including secure CI/CD pipelines, hardened build environments, secure artifact repositories, and developer tooling.
• Define and drive Secure Software Development Lifecycle (SSDLC) processes, from security requirements definition and prioritization to software supply chain security, including dependency management, third‑party risk, and SBOM analysis.
• Perform threat modeling for applications and systems, with a strong focus on hybrid, distributed, and cloud‑based environments, identifying risks and proposing effective mitigation strategies.
• Provide hands‑on support to development teams in analyzing, prioritizing, and mitigating identified vulnerabilities, ensuring pragmatic and scalable security solutions.
• Assess and secure AI‑enabled systems and platforms, including applications based on machine learning, large language models (LLMs), and AI agents, across their full lifecycle.
• Identify and mitigate AI‑specific security risks, such as model abuse, prompt injection, data poisoning, training data leakage, insecure model deployment, and unauthorized model access.
• Define security requirements and controls for AI pipelines, including data ingestion, model training, model storage, inference APIs, and integration with existing systems.
• Leverage AI‑based security tools and automation to enhance vulnerability detection, code analysis, threat detection, and security operations efficiency.
• Support governance and compliance efforts related to responsible and secure use of AI, including risk assessments, security controls, and alignment with internal and external regulations.

Flexible: The work location for this role may include a mix of working remotely, onsite at a client or in an Accenture office - depending on specific project circumstances. 

With all our roles, there is some in-person time for collaboration, learning and building relationships with clients, peers, leaders, and communities. As an employer, we will be as flexible as possible to support your specific work/life needs.