Wednesday, February 12, 2014

Application Security Lead

Are you missing our Emails on gmail.com?
Drag Customeriskinginc.com emails and drop them to the "PRIMARY" tab

The Application Security Lead, a senior level position, provides security
consulting support to business
and project teams regarding the development or
acquisition of applications, databases and systems solutions that are responsive
to business needs, address technical requirements and are aligned with company
security strategies, policies and standards.

DUTIES:

Leads the development of an application security program, embedding security
tasks in the SDLC, conducting application security design/code reviews and
proactively working to reduce risk through improving the security of deployed
applications.

Guides the security of applications by consulting to development teams in the
development of threat models, understanding risks, identifying vulnerabilities
and in the remediation and mitigation of application coding vulnerabilities.

Develops and maintains secure application development standards.

Represents security interests on project teams by ensuring security standards
and requirements are defined as part of the deliverables. Provides input on
secure application design and coding techniques.

Evaluates new products, methods, and technologies to protect against existing
and emerging application security threats.

Provides project consulting, evaluating proposed solutions including vendor
products for IT security risks and recommending alternative solutions or
compensating controls.

Performs automated and manual security testing of applications.

Participates in the development of IT Security strategies, policies and
standards.

Provides analysis and interpretation of web, application, firewall and IDS and
logs to facilitate incident handling and security incident root cause analysis.

Defines application security architectures.

Monitors the external application security threat landscape and recommends
proactive actions to reduce risk to the enterprise.

REQUIREMENTS:

Extensive programming and application development experience with multiple
languages.

Experience with application security testing tools and methodologies plus web
application firewalls.

At least five (5) years of related IT security experience plus demonstrated
ability to perform a risk-based approach to securing applications, databases or
infrastructure based upon IT and business needs.

An in-depth understanding of software development methodologies and the security
controls needed to support Secure SDLC principles.

Strong working knowledge of industry-standard enterprise architecture models and
approaches.

Demonstrated ability to maintain currency with application architecture best
practices, existing and emerging technology platforms, architectural and systems
engineering industry trends.

In-depth experience protecting against web and web services security
vulnerabilities including the OWASP Top Ten and the SANS Top Twenty Five
software errors.

Knowledge of HIPAA, HITECH, and proper application of the Security and Privacy
Rules. Preferred knowledge of the HITRUST Common Security Framework. Knowledge
of PCI-DSS including the Red Flag Rule.

Solid understanding of web application security vulnerabilities and remediation.

Solid understanding of common development platforms including J2EE, Java/JEE,
ASP, .NET, PHP, JavaScript, JavaFX, Ajax, C#, Ruby on Rails, Python, VB.Net,
Flash, etc. and databases such as Oracle and SQL.

Must be able to effectively communicate with business partners in non-technical
terms and IT teams in technical terms.

Broad understanding of distributed, highly-available computing environments and
proactively addressing threats and vulnerabilities.

Bachelor's degree in Computer Science, Engineering or related field or
equivalent work experience..
How to Apply
Apply Online           
Apply Here By Choosing Multiple Job Codes




















                              

Warm Regards
HR Executive
Customer Is King
Web : http://customeriskinginc.com

Add CUSTOMER IS KING to your address book and never miss an email!
Find out how! (customeriskinginc.com)

Get inside info on all things Customer is king inc!
Become a fan on Facebook and follow us on Twitter!