Current Statistics
1,449,876 Total Jobs 326,032 Jobs Today 16,894 Cities 222,692 Job Seekers 146,721 Resumes |
|
|
|
|
|
|
Lead Applications Security Engineer - Wilmington Delaware
Company: Avantor Location: Wilmington, Delaware
Posted On: 04/19/2024
The Opportunity:Avantor's Lead Application Security Engineer is responsible for the planning, design and implementation of application security architectures; oversees the implementation application security and ensures compliance with corporate cybersecurity policies and procedures. Assist in responding to inquiries about Avantor's application security practices to customers and potential customers. Review, update, and develop Avantor's security policies and standards to align with leading practices, compliance requirements, and regulatory requirements. Participate in application security related incident response activities during business hours. Configure web application firewall rules. Conduct code reviews to ensure remediation of vulnerabilities were implemented appropriately. Oversee the regular scanning of Avantor's applications using various automated application security tools, covering Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Software Composition Analysis (SCA), etc.What we're looking for - Education: Bachelor's degree in computer science, Information Security, or a related field, or equivalent real-world experience.
- Industry certifications such as Certified Information Systems Security Professional (CISSP), Certified Secure Software Lifecycle Professional (CSSLP), or equivalent certifications or trainings are a plus, but not required.
- 5+ years of experience in application security, with a proven track record of leading security assessments and projects.
- 5+ years in software development or adjacent fields, with expertise in Java or PHP preferred.
- In-depth knowledge and understanding of compliance standards such as CMMC, PCI DSS, HIPAA, or GDPR
- In-depth knowledge of security standards such as ISO 270001, NIST CSF (CyberSecurity Framework), and/or NIST 800-171.
- Extensive familiarity with OWASP SAMM v2
- Familiarity with operational technology security concepts and practical experience in this domain.Who you are
- You can identify and mitigate complex security vulnerabilities in web, mobile applications, and/or embedded applications.
- Knowledgeable of security leading practices, advanced authentication mechanisms, and encryption techniques.
- Exceptional communicator with collaboration skills to effectively lead and collaborate with teams and present security findings to technical and non-technical stakeholders.
- Works independently and as part of a team, with a proactive attitude toward problem-solving.
- You have a passion for application security and a commitment to staying up-to-date with the latest industry trends.How you will create an impact
|
|
|
|
|
|
|