New York, Dallas, Los Angeles, Denver
3 months ago
Manager of Application Security Job Summary
I am looking for a goal-oriented and driven Senior Application Security specialist to take that next step in their career. My client is looking to add a Manager of Application Security to their growing team. The position is a full-time opportunity in which the applicant will be leading the charge for the Application Security Engineering team, responsible for outlining and implementing the application security strategy for the organization. The Application Security Manager will also be in charge of overseeing reporting, automation, and integration with the SDLC, as well as working with application development and IT engineering staff.
Cybersecurity Duties and Responsibilities
- Lead Application Security Engineers to assess web, mobile and embedded applications and provide guidance and oversight
- Integrate and assist as needed with software development lifecycle (SDLC) methodology, specifically adhering to best practices for cloud security and other infrastructure
- Conduct manual and automated application security testing using a variety of security tools and then work closely with the application developers to resolve any vulnerabilities.
- Annual Staff Performance Reviews, Mentoring, Coaching
- Create Risk Assessments of an application or solution to present to the business for acceptance.
- Identify and implement improvements to application security practices
- Develop testing scripts and procedures
Cybersecurity Requirements and Qualifications
- Bachelor’s degree in computer science or STEM subject preferred
- 7+ years of relevant experience related to IT security, including at least 4+ years of secure coding or serving in an application security role in a production environment
- Strong IT skills, including knowledge of hardware, software, networks, and data centers
- Skillful with pertinent application security testing tools such as Burp and OWASP ZAP
- The ability to work together with a comprehensive range of people from different backgrounds
- Knowledge of and experience with OWASP, CSA, CIS, ISO, SOLID, threat modeling