Job Listing Description

Senior Application Security Engineer

What does a great Senior Application Security Engineer do?
The role of Senior Application Security Engineer is a vital component in the Enterprise Architecture team and cybersecurity program for the company’s Output Solutions business unit. An important part of this role includes architecting, developing, maintaining, and demonstrating appropriate measures to minimize application security risk and maintain compliance with external requirements as conveyed in the enterprise security standards. You will participate in a variety of projects and leverage your experience in technology and security to assess risks and recommend solutions. Additionally, you’ll promote security awareness among the application development teams and lead them in implementing controls and remediations to protect the company and its clients against emerging Cybersecurity threats.

This position includes primarily internal client and executive interaction with occasional external client and assessor interface, and as such requires strong professional presence, communication, negotiation and decision-making skills. The ability to establish exceptional relationships and credibility with internal application development and Cybersecurity team associates, external clients, third parties, and company enterprise functions will be essential to your success, as will the ability to lead other team members in the execution of projects.

Essential Job Responsibilities:
1. Provide both hands-on and high-level guidance for defensive coding practices based on mitigation of OWASP Top 10 and SANS 25 software design flaws
2. Interpret static and dynamic code activities for both internal and external web applications
3. Work with the internal Applications Development function to drive the development of strategies, remediations and solutions for improving both architecture and application security
4. Work with application development software and infrastructure engineers in designing application security controls across a range of technologies, including but not limited to legacy .NET, C#, Java, Cobol, and containerized micro-services applications
5. Implement and model security practices for enterprise & cloud environments
6. Collaborate with the Enterprise Cybersecurity Team to deliver solutions for the Output Solutions business, consistent with the enterprise Information Security strategy
7. Perform risk assessments and security architecture reviews across a variety of technology platforms and applications
8. Leverage experience to provide security guidance in strategic projects to improve the business unit’s security, risk and compliance posture
9. Proactively identify security risks, recommend remediation and mitigation techniques, clearly articulate the issues to impacted teams, provide code samples where applicable and work with them to resolve
10. Prepare, review and deliver concise, well-written security architecture and coding recommendations and communications
11. Facilitate and support the selection, design, implementation, and tuning of security tools
12. Engage directly with clients, auditors, and regulators to provide accurate and timely responses to security inquiries
13. Develop and foster constructive professional relationships with executive and line management
14. Establish trust and credibility with key stakeholders while promoting security awareness principles and compliance with security standards and regulatory requirements.

Basic Qualifications for Consideration:
1. Five or more years of direct application design and development experience focused on application security
2. Technical proficiency in two or more of the following areas:
   a. Application Design and Development
   b. Application Security (including OWASP concepts and application architecture and controls)
   c. Computer Operations (including capacity, performance, and problem management)
   d. Database Administration & Security
   e. Information Security & Data Privacy
   f. Network & Infrastructure Architecture and Security (including network segmentation concepts, firewalls, routers, VPN solutions etc.)
   g. Systems Development (including SDLC, project management and change control methodologies)
3. Demonstrated ability to take ownership and follow up on issues
4. Demonstrated ability to work in a team and to work well under pressure
5. Advanced analytical and problem-solving skills
6. Consistently demonstrates clear and concise written and verbal communication
7. Proficient in interpreting and applying policies, standards and procedures

Preferred Skills, Experience, and Education:
1. ALM process and tooling including CI/CD automation and Agile SDLC methodologies
2. Bachelor’s or advanced degree in Information Technology/Computer Science/Management Information Systems
3. Experience with static and dynamic application scanning tools, and interpretation/communication of results
4. Experience with security protocols and technologies (firewalls, IDS/IPS, DLP, SIEM, VPN, etc.)
5. Experience managing and implementing enterprise security tools (Fortify, Splunk, Imperva, Nessus, Qualys, etc.)
6. Experience conducting security technology/architecture reviews, risk assessments, and application penetration testing
7. Information security operations experience, including implementation of processes in line with best practices
8. Financial services experience, including working with auditors and assessors in highly regulated environments
9. Project management experience

Personal Attributes/Qualities:
1. Impeccable integrity
2. Exceptional professionalism
3. Leader and mentor
4. Consensus builder
5. Strategic thinker
6. Excellent communication skills, both oral and written
7. Credible and trustworthy
8. Quality and execution focus
9. Professional skepticism
10. Sound decision making and judgment

Travel required:
The selected candidate must be willing to travel up to 20% domestically, and internationally as necessary.

Job Number: 2010112911
Job Location: Alpharetta, GA
Duration: 6 months
Input Date: 03/06/2020
Last Updated: 04/07/2020
Attention: Tyler Belisle
City, State: IRVING, TX 75062
Phone: 214/647-9600
800 Phone: 800/270-4737
Fax Phone: 214/647-9630


Phone: (425) 806-5200
Fax: (425) 806-5585
ContractJobHunter is a service of:
C.E. Publications, Inc.
P.O. Box 3006, Bothell, WA 98041-3006, USA
The content of this website is Copyright 2020 C.E. Publications, Inc.