Application Security Engineer / Vulnerability Mana

Location: Cary, North Carolina
Posted On: 9/13/2017
Job Code: 5445_APSECVM
Job Description
• Client’s Application Security Team within IT Risk & Security group leads the effort to secure the large and diverse application portfolio in the enterprise.
• The Consultant position coordinate the activities within the application security lifecycle which includes the security requirements and SDL alignment across global development teams, organizing and managing global testing effort leading to smooth and efficient testing cycles and remediation are performed according to best practices and performed on schedule.
• This is a position with high visibility and representation of the IT Risk & Security group to application development leaders both within the company and outside .

Key Responsibilities:
• Coordinate and monitor the compliance of global development team’s adherence to the SDL process and the related processes
• Facilitate the execution of web application security testing across all of the enterprise’s web applications on both a continuous and recurring risk based review schedule.
• Coordinate with application development teams to evaluate web application vulnerabilities and offer necessary consulting help to remediation of vulnerabilities
• Oversee and manage the documentation of flaws into risk registry and track remediation activities
• Collaborate with the global IT Risk and Security team to ensure the alignment on global delivery
• Assist in the generation of metrics to drive the continuous improvement program and present current state of security status to management team

Essential Business Experience and Technical Skills:
• 5+ years of combined IT, Cyber Security and Risk Control related experience
• 2+ years of leading projects or being a project manager
• Experience in SDL lifecycle or development projects
• Bachelor’s degree in Computer Science, Information Systems, Application Development or related field preferred, or years equivalent work experience.
• Professional certifications preferred, such as CISSP, CISA, CEH, CRISC, or GSE
• Knowledge of OWASP Top 10 Web Application Coding Vulnerabilities.
Category:IT  code:new
Job Requirements
Information Security Background, Application Security, Vulnerability Management

Not Ready to Apply?
Contact Details
Sidhartha Suveny
E-mail Address