Posted October 21, 2021
Lead Application Security Engineer
The Lead Application Security Engineer is a technical role and serves as serve as subject matter expert in product security architecture, security...
The Lead Application Security Engineer is a technical role and serves as serve as subject matter expert in product security architecture, security testing, secure design review and security engineering
Position Description:
- Design and execute an application security strategy
- Create, maintain, and enforce application security development policies, procedures and standards
- Develop security integrations to be used in CI/CD pipeline and for development teams
- Work with development teams to ensure that application security risks are identified and remediated in a timely manner while maintaining a balance between security & usability
- Consult and train developers on secure coding practices and ensure development teams are validating for OWASP
- Triage vulnerabilities from dynamic and static scanning tools with development teams
- Assist with code reviews and develop secure libraries
- Perform web application penetrating testing
- Strategize and implement the OWASP software assurance maturity model
- Manage and tune web application firewalls
- Design and implement technologies to automate security processes
- Consult on secure architecture, least privileged design, threat mitigations, and security standard methodologies.
Qualifications:
- Experience leading application security programs
- Bachelor’s Degree in Computer Science or related field is preferred.
- 5+ years of experience in application security, application development and DevSecOps
- OSWE, GWAPT or similar certification is preferred
- Communicate and present security concepts to technical and non-technical audiences
- Knowledge with SOX and SOC2 compliance is preferred
- Experience in enterprise application development and design
- Experience with identity lifecycle management and federation technologies such as SAML
- Hands on experience with AWS
This listing expired on Nov 20. Applications are no longer accepted.
Below are some other jobs we think you might be interested in.
-
DevOps Engineer III
- Security Risk Advisors
- Philadelphia, PA, USA
- Remote
May 01 -
Senior Cyber Security Analyst
- Valley Water
- San Jose, CA, USA
May 13 -
AdaptiveWork Systems Engineer
- Pinkerton
- Seattle, WA, USA
May 03 -
Assistant Director, Infrastructure and Business Development
- Metropolitan Transportation Commission
- San Francisco, CA, USA
- Hybrid
Apr 29 -
Senior Network Administrator
- Irvine Ranch Water District
- Irvine, CA, USA
Apr 29 -
Assistant Director, Service Delivery
- Metropolitan Transportation Commission
- San Francisco, CA, USA
- Hybrid
Apr 29 -
Executive Vice President Information Technology and Chief Information Officer (EVP & CIO)
- Bonneville Power Administration
- Portland, OR, USA
- Hybrid
Apr 27 -
Chief Information Officer (CIO)
- National Institute on Aging
- Bethesda, MD, USA
May 09 -
Director of Health Informatics
- Pace University
- New York, NY, USA
May 01 -
Information Technology Director
- City of Tigard
- Tigard, OR, USA
May 08 -
Mobile/Web Developer (.Net)
- Air Line Pilots Association
- Atlanta, GA, USA
May 17 -
Unified Technology Solutions Architect
- Pennsylvania Turnpike Commission
- Middletown, PA, United States
- Hybrid
May 16 -
IT Service Management Specialist
- Pennsylvania Turnpike Commission
- Middletown, PA, United States
- Hybrid
May 01 -
IT Vendor & Contracts Manager
- Washington State Department of Natural Resources
- Olympia, WA, USA
- Hybrid
May 03