Application Security Manager Jobs

Knowledge of vulnerability management programs

Identify and manage vulnerabilities using a variety of toolsets

An understanding of implementing risk management practices

Understanding of secure coding standards, OWASP Top Ten , Web Application Firewalls and Certificate management

Manage technical controls to ensure that the organization is protected in accordance with its risk appetite

3 years' experience in application development

Participate in vulnerability management operations, such as: retesting and reprioritizing vulnerabilities, reviewing code changes, approving proposed remediations, etc.

Contribute technical and procedural documentation towards the organization’s knowledge base.

Excellent written communication skills, with a focus on translating technically complex issues into simple, easy to understand concepts.

Demonstrated knowledge of security best practices, principles, and common frameworks, such as: OWASP, NIST, ISO, SOC, etc.

Prior experience in implementing and integrating tools for static analysis, dynamic analysis, fuzzing, bug bounty, etc.

Relevant industry certifications, such as: OSCP, OSWE, GPEN, GWAPT, etc.

Drive initiatives which scale application security and holistically address multiple vulnerabilities

Remote Opportunity: Ability to work 100% remotely, or from an Applied Systems office

Your experience should include some or all of the following:

All requirements of Senior Engineer, Application Security, plus;

Expert understanding and experience with common security libraries, security controls, and common security flaws.

Advanced knowledge of public cloud provider infrastructure. Google Cloud Platform is preferred.

Experience in domain driven design (DDD), lean architecture and agile delivery

Experience with SpringBoot and Rest Framework for developing Microservices

Experience with front end frameworks AngularJS/ReactJS

Excellent communication skills and the ability to communicate effectively with technical and non-technical audiences

Responsible for architecture and design of applications running on Java/SpringBoot Microservices framework

Responsible for technical design, implementation and maintenance of new and existing features on the application

Strong knowledge of Time Management System scheduling software, (i.e., ABI)

SPECIFIC JOB KNOWLEDGE, SKILLS, AND EXPERIENCE:

Effectively communicate escalated employee issues to Security Management Team.

Knowledge of the building’s Fire Alarm systems.

Knowledgeable of the building’s CCTV systems and operations

Knowledgeable of building’s x-ray systems, magnetometers, and operations.

Knowledge of Vault capabilities and Security Incident and Event management systems

Proficient in security management with specific experience

Experience enabling and actively guiding others on Application security including Static Analysis (SAST), Dynamic Analysis (DAST), OSS (Open-source vulnerabilities), Pen testing.

Providing honesty, integrity, professionalism and empathy as a people manager

Ability to manage program timelines and actively develop medium to long terms plans

Experience with Threat modeling, secure development lifecycle and secure testing methodologies

D2. The proposed resource should have SAP Identity and Access Management

D3. The proposed resource should have Azure Active Directory Identity and access management operations

For this requisition, the resource will work 100% remotely.

• Provides evidence (sometimes to an unbelieving audience) that vulnerabilities can be exploitable.

• Application vulnerability scanning to identify potential vulnerabilities in web and application services.

M1. The proposed resource must have demonstrated experience with SAP GRC (governance, risk, and compliance)

D2. The proposed resource should have SAP Identity and Access Management

D3. The proposed resource should have Azure Active Directory Identity and access management operations

For this requisition, the resource will work 100% remotely.

• Provides evidence (sometimes to an unbelieving audience) that vulnerabilities can be exploitable.

• Application vulnerability scanning to identify potential vulnerabilities in web and application services.

M1. The proposed resource must have demonstrated experience with SAP GRC (governance, risk, and compliance)

Strong communication skills with the ability to translate technical security requirements and risks into terms that anyone can understand

2+ years of experience in design review and/or threat modeling

Experience in Cloud Security and Network Security

Prior experience in software development with an emphasis on security

Familiarity with programming languages and knowledge of data structures and algorithms

Experience in at least one of: Java, Go, Ruby or Python

Strong people management, task management, organization, and communication skills.

Demonstrated experience in end-user support and ticket management.

Demonstrated experience in change management, communications, and training activities.

Demonstrated experience in procurement and budget management.

Insist on best-practice methodologies throughout the application lifecycle, particularly development, testing, and release management practices.

Participate in change management, communication, and training activities.

10+ Years of IT software development project management experience

Looking for seasoned Project Manager with experience in Telecom Domain. Experienced in managing programs in Agile Scrum/SAFE.

Previous management of a minimum 2-5M projects, including financials

Good experience in delivering through different methodologies (Agile/ Waterfall/ Hybrid)

Good experience in managing large number of stakeholders

Job Title: Application Project Manager

Experience of software security controls and methodology

Experience in one or more of; various .NET (C#, ASP, ‘net core) SQL, React

Able to work in dynamic and fast-paced environment

Comfortable with collaboration, open communication and reaching across functional borders with a strong focus on business outcomes

Exposure to deployment tools such as Jenkins and Team City

Our ideal candidate will have

Proven management and supervision skills;

Must have strong organizational, prioritization, time management skills

Prepare, in conjunction with General Manager, the annual Security and Life Safety budgets;

Manage each property’s Occupational Health & Safety program and act as committee chair;

Other duties as assigned by General Manager For a more specific list of duties, see attached.

Working knowledge of CCTV, Building Codes, Non-Smoking Bylaws and WHMIS;

Experience with integrated Management Systems including project management skills (organization and resource application, prioritization, scheduling, and budget management).

Organizational Leadership skills including: ability to manage by objective, effective listening skills, decision-making, facilitation, influencing, planning, conflict resolution, and career management.

Post Secondary Diploma or Degree in a related field (Criminology, Law, Political Science, Business/Management)

Expert knowledge with Canadian Energy Regulator and requirements for federally regulated pipeline companies would be an asset.

Manage the security team which includes security advisors, a coordinator, and contractors; develop and manage the security budget and forecasts.

Experience establishing and maintaining relationships with multiple stakeholder groups, including law enforcement, local communities, and industry associations is critical.

Option for hybrid remote work schedule in a technologically advanced environment with exposure to many specialized computer applications

Competitive compensation and benefits • Professional development opportunities

Experience working within a legal environment an asset

Sound interpersonal skills with the ability to interact and communicate with all levels of the Firm

Addressing the various needs, concerns, expectations of stakeholder groups in planning and executing projects, meeting project requirements and creating project deliverables

Building a strong technical culture around our business systems that emphasizes technical excellence, rapid iteration, strong security, and frictionless user experiences

Evaluate third-party code and/or libraries against known vulnerabilities.

Implement and manage security testing tools (SAST/DAST) to continuously monitor the security posture of the applications.

Strong development experience with both front-end and back-end technologies.

Experience securing container and microservices technologies (Kubernetes).

Experience with cloud platforms such as Google Cloud Platform (GCP) and Amazon Web Services (AWS).

Experience with the ELK (Elasticsearch, Logstash, and Kibana) stack.

Years of experience: 3-years’ minimum experience with Workflow design and configuration specific to Project Manager

Experience working in the IT Service industry and has managed apps projects.

Previous experience in building and presenting project plans and business requirements to internal or external clients.

Excellent communication (oral and written) and interpersonal skills.

Detailed understanding and experience with process documentation and improvement

Strong prioritization, multitasking, problem-solving and organizational skills.

You are knowledgeable and passionate about software security, either Security Certifications or Application Security

Certifications and Compliance (FIPS, CIS, FedRAMP)

Manage competing priorities, communicating with internal and external stakeholders

Work from home with global travel up to 15% for internal and external events

You have some experience in leading, managing, coaching and mentoring software developers

You have solid experience working in an agile development environment

Education background in Information Security, Computer Science, Information Management Systems, or equivalent.

Hands-on experience with vulnerability management and penetration testing tools:

4+ years of experience identifying and mitigating risks to software applications; high-tech, global environment preferred

Two years of hands-on experience in Information Security Auditing.

Strong written and oral communication skills

Some relevant certifications, such as CASE, ASVS, CISSP.