Application Security Manager

14 Nov 2024

Vacancy expired!

Leadership:

  • Determine application security requirements by evaluating business strategies and requirements against established security standards, risk assessment methodology, and client requirements
  • Provide guidance to Information Security and Development teams on secure coding best practices
  • Serve as subject matter expert on application security tools and techniques
  • Work with the Director of Information Security to stand up a repeatable process that can be used to assess all applications in the pipeline for risk

Risk and Threat Management:

  • Perform risk analysis to determine risk profile of internal applications and in turn determine required security posture for internal applications
  • Understand and evaluate the cyber threat landscape and assist in threat modeling activities
  • Assist with creating and tuning application security monitoring use cases

Research and Analysis:

  • Perform technical research into advanced, targeted attacks, campaigns, malware and other emerging technologies and techniques to identify and report on application security cyber-attacks
  • Conduct application penetration testing, as needed, to verify security measures are sufficient
  • Identify common coding flaws at a high level. Evaluate open source and third-party software components for potential security flaws and vulnerabilities
  • Conduct insightful research on observed and noteworthy application threats, as discovered using open and proprietary sources as well as vendor-provided intelligence
  • Assess behavioral and atomic threat indicators and their fidelity, and distribute indicators to applicable teams for ingestion

Audit and Reporting:

  • Track and report progress on software assurance security initiatives to management
  • Create application security reports aligned with OWASP Top 10, PCI, HITRUST, etc.
  • Bachelor’s degree in a Computer Science-related field or equivalent work experience
  • Strong software development skills in .NET, C#, Java or Python
  • Understanding of secure code review in technologies such as ASP.NET, C#, JavaScript, jQuery, JSON, Python, Node.js, web APIs
  • Knowledge of SQL / NoSQL databases, including MSSQL, Postgres, MongoDB
  • Familiarity with common web application testing tools for Dynamic Application Security Testing (DAST), Static Application Security Testing (SAST), and Interactive Application Security Testing (IAST) analysis
  • Experience integrating security into DevOps environments and the use of tools such as Checkmarx
  • Experience with application penetration testing using tools such as Burp Suite and Metasploit
  • Experience with Identity Access Management technologies (e.g. SAML, LDAP)
  • Familiarity with Web Application Firewalls (WAFs) and reverse proxies
  • Ability to adjust and adapt in a fast-paced and dynamic environment
  • Ability to communicate technical problems, vulnerability, and risk into a business
  • Ability to make sound decisions and possess excellent problem-solving skills

We are passionate about empowering our employees to be extraordinary – and they continue to come through. So, if you are an Innovator, Collaborator and Doer, then welcome home.

  • ID: #22714646
  • State: Indiana Carmel 46032 Carmel USA
  • City: Carmel
  • Salary: Depends on Experience
  • Job type: Contract
  • Showed: 2021-11-14
  • Deadline: 2022-01-09
  • Category: Et cetera