The point where experts and best companies meet
Share
Your day to day:
Responsibilities will be tailored based on business need, experience, and interest. In your day-to-day role, you will:
You help drive the operational workflow around application security vulnerabilities
You will determine the impact of vulnerabilities in our environment and communicate them to stakeholders across the company
You will report to the Senior Manager, Threat Exposure Management and provide updates on critical vulnerabilities and overall posture
You will collaborate across our team and key stakeholders to identify, drive and implement process improvements to reduce the time to detect and mitigate vulnerabilities and increase overall efficiency
You will work with our internal and external service providers/vendors to resolve blockers and maintain high quality service
You will be work with TEM/Product Security leadership to maintain the forward looking roadmap for the team, including defining and monitoring performance against Objectives and Key Results (OKRs), planning for new capabilities, evaluating vendors, and individual career development plans
You have and encourage a passion for cybersecurity and learning through asking questions and experimenting with different approaches
Provide consulting and advisement to software engineers on best practices, secure coding techniques, and vulnerability remediation
Document and automate vulnerability management runbooks
Stay up to date with the latest security trends, technologies, vulnerabilities, and attacks, and incorporate this knowledge into your day to day work
What you need to bring:
At least 5 years of experience in an application security or software development discipline; 2+ years doing this at large enterprise scale
Strong programming experience in at least one language such as Ruby, Java, Python, JavaScript, Swift.
Experience with interpreting the results of application security scans, such as, but not limited to: Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), API security scanners, Software Composition Analysis, Secrets scanning
Experience working with developers to communicate deficiencies and implement security measures.
Experience in identifying and remediating common application security vulnerabilities such as OWASP Top 10 and a deep understanding of web application and mobile app vulnerabilities, leveraging tools such as, but not limited to, GitHub Advanced Security, Blackduck, Coverity, Acunetix, Veracode
Excellent written and verbal communication skills.
Ability to work independently and as part of a team.
Experience with implementing and configuring vulnerability managementplatforms/applicationsecurity posture management platforms (for example, Seemplicity, Kenna, Brinqa, Vulcan, ArmorCode)
Excellent written and verbal communication skills.
Familiarity with relevant financial services regulations and security standards, such as PCI-DSS and ISO27001
Ability to operate in fast-paced environment, in a self-driven manner, taking initiative and ownership to propose improvements and solutions
Demonstrate attention to detail, excellent analytical thinking, communication and time management skills
Experience in working with large data sets to determine patterns and drive to key takeaways
Ability to mentor and guide junior team members.
Experience with at least one of the main cloud vendors is a plus (Amazon Web Services, Azure, Google Cloud Platform)
Industry certifications (e.g., CISSP, CISM, CCSP, or equivalent) are a plus
Travel Percent:
0 Bachelors Degree or EquivalentThe total compensation for this practice may include an annual performance bonus (or other incentive compensation, as applicable), equity, and medical, dental, vision, and other benefits. For more information, visit .
The U.S. national annual pay range for this role is
$84500 to $204600
Our Benefits:
Any general requests for consideration of your skills, please
These jobs might be a good fit