Must have 5-8 years of experience.

Must possess a strong understanding of the wide array of AppSec and InfoSec tools, protocols, and best practices applicable to application platforms, including their infrastructure.

Must have experience maintaining team documentation, leading meetings, escalating issues, and driving teams to deliver work.

The ideal person will have a minimum of 5+ years of experience in software engineering, cybersecurity, and/or cyber-audit.

Clearly defining and developing new policies, processes, training documents, and best practices.

Collaborating with technical teams to improve observability.

Reviewing risk findings, assigning them to fixed teams, and reporting remediation efforts and related challenges.

Gathering key information for exception requests, including risk details, action plans, and remediation dependencies.

Partnering with security teams to improve data quality in security tools and external reports.

Hosting meetings with members of application, security, and leadership teams to communicate updates and changes to security postures.

Validating submitted evidence meets requirements to resolve risks and compliance issues.

Educating application teams on security subject matter.

Strong knowledge in security standards and practices for both on-premises and AWS environments; CCSP, CISSP, or other cloud-focused application security certifications are a big plus.

Familiarity with Data Center and AWS infrastructure, including data center network architectures, virtualization, containerization, and AWS products/offerings.

Ability to perform analysis and tests to validate findings and remediation claims.