Posted October 21, 2021
Lead Application Security Engineer
The Lead Application Security Engineer is a technical role and serves as serve as subject matter expert in product security architecture, security...
The Lead Application Security Engineer is a technical role and serves as serve as subject matter expert in product security architecture, security testing, secure design review and security engineering
Position Description:
- Design and execute an application security strategy
- Create, maintain, and enforce application security development policies, procedures and standards
- Develop security integrations to be used in CI/CD pipeline and for development teams
- Work with development teams to ensure that application security risks are identified and remediated in a timely manner while maintaining a balance between security & usability
- Consult and train developers on secure coding practices and ensure development teams are validating for OWASP
- Triage vulnerabilities from dynamic and static scanning tools with development teams
- Assist with code reviews and develop secure libraries
- Perform web application penetrating testing
- Strategize and implement the OWASP software assurance maturity model
- Manage and tune web application firewalls
- Design and implement technologies to automate security processes
- Consult on secure architecture, least privileged design, threat mitigations, and security standard methodologies.
Qualifications:
- Experience leading application security programs
- Bachelor’s Degree in Computer Science or related field is preferred.
- 5+ years of experience in application security, application development and DevSecOps
- OSWE, GWAPT or similar certification is preferred
- Communicate and present security concepts to technical and non-technical audiences
- Knowledge with SOX and SOC2 compliance is preferred
- Experience in enterprise application development and design
- Experience with identity lifecycle management and federation technologies such as SAML
- Hands on experience with AWS
This listing expired on Nov 20. Applications are no longer accepted.
Below are some other jobs we think you might be interested in.
-
Lead Big Data Engineer (Team Lead) - Hybrid Denver, CO
- GridX
- Denver, CO, USA
- Hybrid
Jun 05 -
Senior Cyber Security Analyst
- Valley Water
- San Jose, CA, USA
May 13 -
Hiring Full Stack (Chief) Engineer for Medical Education iOS App
- MedQ
- Ojai, CA, USA
- Hybrid
Jun 05 -
Systems Administrator
- City of Chicago Office of Inspector General
- Chicago, IL, USA
May 23 -
Director of Government Affairs, Institute for AI Policy and Strategy (IAPS)
- Institute for AI Policy and Strategy (IAPS)
- Washington, D.C., USA
- Hybrid
Jun 05 -
Information Technology Director
- City of Tigard
- Tigard, OR, USA
May 08 -
Mobile/Web Developer (.Net)
- Air Line Pilots Association
- Atlanta, GA, USA
May 17 -
Unified Technology Solutions Architect
- Pennsylvania Turnpike Commission
- Middletown, PA, United States
- Hybrid
May 16 -
Systems Administrator
- Tech Experts
- New York, NY, USA
Urgent!Jun 05