Security Consultant – Embassy of Denmark in Ghana

Security Management
Accra
March 25, 2026
Contract
Urgent
Apply Now

Job Description

Purpose of the Activity

The primary goal is to provide independent security assurance while fostering a culture of secure coding within the GSS development team.

Strategic Objectives:

Knowledge Transfer: Improve the GSS development team’s capability in secure SDLC (Software Development Life Cycle) practices.

Shift-Left Security: Identify vulnerabilities during the coding phase rather than post-deployment.

Validation: Execute rigorous penetration testing to simulate real-world attacks.

Remediation Support: Provide “hands-on” patch guidance to ensure vulnerabilities are not just identified but closed.


Key Deliveries and Timelines

The Consultant must start no later than April 2026. The consultancy is expected to commence after each biweekly sprint phase. The final Assurance report (Deliverable D5) should be submitted no later than August 2026.

In each sprint the consultant is expected to spend four to eight (4-8) working hours with the GSS development team. The number of days should be seen as an average as the GSS team is expected to need less support as the project progresses.

Technical Requirements & Educational Qualifications

The Lead Consultant/Firm must demonstrate:

Web Application Security Testing

  • Proven ability to perform comprehensive security assessments and penetration testing for web applications.
  • Experience identifying and mitigating vulnerabilities such as SQL injection, cross-site scripting (XSS), cross-site request forgery (CSRF), authentication flaws, and other common web security risks.

Secure Development and Code Review

  • Ability to conduct detailed code analysis and review to identify security weaknesses and recommend improvements.
  • Experience working within Agile development environments and supporting developers with secure coding practices.

Technology Stack Expertise

  • Strong technical proficiency in modern web development technologies including React, Node.js, Python/Django, and PostgreSQL.
  • Ability to review system architecture and application components built using these technologies.

Knowledge Transfer and Capacity Building

  • Demonstrated experience in providing structured technical feedback and guidance to the development team.
  • Ability to support GSS development team through technical briefings, documentation, and practical recommendations.
  • Certifications: Minimum of OSCP (Offensive Security Certified Professional) or CISSP for leads; GWAPT or CEH Master for testers.
  • Experience: At least 5 years in securing high-traffic government or financial web platforms.

Educational Qualification

  • A minimum of a Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, Software Engineering, or a related field from a recognized institution.
  • A Master’s degree in Cybersecurity, Information Security, Computer Science, or a related discipline will be considered an advantage.