Application Security Manager (C-443) Law Enforcement & Security - Magna, UT at Geebo

Application Security Manager (C-443)

SMASH, Who we are?

We are agents for tech professionals that help to build careers in the United States.
We aim to find the perfect match.
As agents, we make sure to pair our talent with our US clients, not only by their technical skills but as a cultural fit.
Our core competency is to find the right talent, fast.
This position is to work with a US company; you will be required to have a valid work authorization to apply for this role.
Legal authorization to work in United States will be verified.
This position is Hybrid, some work is Remote, some work is on site in Salt Lake City.

APPLICATION SECURITY MANAGER

OVERVIEW

The Application Security Manager operates as part of a team responsible for protecting the confidentiality, integrity, and availability of company assets.
This role is a functional manager leading a team focused on software development lifecycle security practices, acting as a champion of secure coding and delivery practices.
The Application Security Manager maintains awareness of the threat landscape along with a detailed understanding of modern application development security techniques, skillfully applying knowledge and influence to achieve application security outcomes.
This role works closely with Information Technology, Solutions Engineering, and other stakeholders to understand company needs and risks.

JOB DETAILS

Security Team Manager - Lead a team of Information Security Application Engineers tasked with advancing Secure SDLC program.
Build and foster the team's abilities to collaborate and achieve security outcomes.
Manage the team's project and operational activities in coordination with the Solutions Engineering team.
Advocate and advance goals of the application security program.
Lead application security reviews, deliver reports that enable understanding and remediation of security concerns.
Secure SDLC - Collaborate with Software Engineering and other technical teams to understand custom applications, development processes, and support systems in order to build secure by design services.
Assess and prioritize secure SDLC framework activities, assist in advancing engineer security awareness, perform secure code reviews, and build security into delivery and maintenance processes.
Work closely with architecture team to define security requirements for systems.
Security Operations - Maintain organizational threat & vulnerability management awareness, systems, processes, and procedures.
Understand the evolving threat landscape, assess company asset exposure, and carry out daily activities that support security goals.
Collaborate with IT teams to complete remediation efforts.
Participate in incident response activities.
Documentation - Review, assess, and update security documentation, including policies, standards, baselines, and procedures.
Maintain and update reporting processes that communicate key security KPIs to stakeholders.
Create and track metrics that reflect secure SDLC activity performance.
Security Culture - Act as a champion for the company's security aware culture.
Establish and foster cross team relationships, promote informed, educated security decision making across the organization.
Strive toward a culture of continuous improvement by advancing personal and team skills and capabilities.

JOB REQUIREMENTS

REQUIRED

  • Five years of software development, engineering, or architecture work experience
  • Experience managing a professionally skilled team, including organizing work, evaluating performance, conducting reviews, and fostering employee development
  • Substantive security focused, professional work experience
  • Deep understanding of web application architecture design, software development, and related security concepts and concerns, including secure coding patterns, OWASP, data flows, authentication, access control, and data protection
  • At least one domain related security certification, such as CISSP or CSSLP
  • Exceptional communication and collaboration skills
  • Ability to shape and support secure practices that are accomplished by others
  • Experience with threat modeling methodologies, ideally STRIDE
  • Ability to integrate security principles and techniques, such as IAM, defense in depth, least privileged access, and vulnerability management into development and delivery processes
  • Proficiency in several coding languages, ideally C#, Python, React, Angular
      o Ability to quickly learn and apply security concepts to new languages
  • Experience with relational database design and SQL query language
  • Solid organizational skills and the ability to prioritize tasks
  • Ability to prosper in a fast paced, constantly changing environment
  • High level of integrity, trustworthiness, and ethics

DESIRED

  • Experience implementing governance models, such as NIST CSF or ISO 27001
  • Experience with Agile project management techniques
  • Financial industry experience
  • Experience with regulated environments such as PCI, HIPAA, GLBA, SOX, FFIEC

A DAY IN THE LIFE OF AN APPLICATION SECURITY MANAGER

  • Lead the application security effort and team
  • Guide team members' daily project and operational activities
  • Interact with the Engineering team to advocate secure SDLC activities
  • Manage and mature the application security program through direct interactions
  • Work with architects and engineers to review and design security requirements
  • Interact with sprint teams on security related issues, such as secure code reviews, threat modeling, coding patterns, and security awareness
  • Determine and report on secure SDLC metrics
  • Participate in security operations activities, with an emphasis on source code and runtimes
  • Review patch and vulnerability notifications as issued
  • Vulnerability discovery, validation, and remediation tracking
  • Collaborate with IT teams to design remediations and shepherd through to completion
  • Monitor for and review indicators of compromise from various systems
  • Contribute to design, planning, and implementation of security related projects
  • Write, review, and update security documentation, respond to audit requests

Powered by JazzHR

Recommended Skills: Access Controls Agile Methodology Angular4 Application Security Architecture Auditing

Estimated Salary: $20 to $28 per hour based on qualifications.
