Basic Information
Ref Number
Last day to apply
Primary Location
Country
Job Type
Work Style
Description and Requirements
To be successful, this person must possess a strong understanding of the wide array of AppSec and InfoSec tools, protocols, and best practices applicable to application platforms, including their infrastructure. This person must have experience maintaining team documentation, leading meetings, escalating issues, and driving teams to deliver work.
The ideal person will have a minimum of 5+ years of experience in software engineering, cybersecurity, and/or cyber-audit, and will clearly express the following characteristics and competencies:
Clearly defining and developing new policies, processes, training documents, and best practices.
Collaborating with technical teams to improve observability.
Reviewing risk findings, assigning them to fixed teams, and reporting remediation efforts and related challenges.
Gathering key information for exception requests, including risk details, action plans, and remediation dependencies.
Partnering with security teams to improve data quality in security tools and external reports.
Hosting meetings with members of application, security, and leadership teams to communicate updates and changes to security postures.
Validating submitted evidence meets requirements to resolve risks and compliance issues.
Educating application teams on security subject matter.
Additional Job Description
Preferred Skills & Experience:
Strong verbal communication skills. Must be comfortable speaking in front of audiences including technical teams and senior leaders, including VPs.
Strong written communication skills with the ability to produce quality literature and technical documentation.
The ability to collaborate with technical teams to define, improve, and document procedures to meet compliance requirements.
Diligence in tracking and following up on action items and inquiries across multiple efforts and teams.
Strong knowledge in security standards and practices for both on-premises and AWS environments; CCSP, CISSP, or other cloud-focused application security certifications are a big plus.
Familiarity with Data Center and AWS infrastructure, including data center network architectures, virtualization, containerization, and AWS products/offerings.
Ability to perform analysis and tests to validate findings and remediation claims.
A strong knowledge of ITIL operations and agile development practices. Experience working in a DevSecOps culture is a plus. The ability to quickly navigate matrixed environments is a must.
Experience in a software engineering, delivery manager, or a project manager role is strongly desired.
EEO Statement
