Senior Application Security Manager
Job Title: Senior Application Security Manager
Job Location: Georgia
- Work with the software engineering, product management, and application security teams to scope, plan and execute application-level penetration testing
- Provide to periodic status reports on security testing activities
- Mentor and support the developers on how to write good security unit tests and promote good security testing frameworks
- Work with third party penetration testing tools to deliver faster results, but also mentor your team to develop its own code when special needs come up, e.g. develop a Burp Suite extension to sign tampered requests
- Perform peer penetration testing with your team members
- Invest in team’s professional development, by mentoring, training, CTF, security conference participations, etc.
- Evangelize proactive approaches for providing testing abuse cases for Quality Assurance teams
- Present penetration testing findings to engineering and product teams, and provide acceptable solutions by all parties
- Perform security research related to company’s business, and work with the company's innovation hub to provide solutions to the risks/vulnerabilities discovered
- Attend information security conferences
- Must be a leader and inspire people
- Two+ years of experience managing a global security team
- Five+ years of experience in information and application security and software engineering
- Five+ years of proven record of penetration testing
- Be self-driven and able to work independently
- Programming experience with several mainstream languages, e.g. C#, Java, C, C++, Python etc.
- Comfortable working in Windows/Linux OS and networking including network configuration, scripting, permissions management, etc.
- Good communication and excelling working in a collaborative team environment
- CISSP, CSSLP, or OSCP certifications
- Understanding of Retail, Hospitality and FinTech business processes and analysis
- Familiarity with Coverity, WhiteHat Security, Contrast, Seeker, and Whitesource
- Familiarity with build systems as Jenkins and TFS
- Familiarity with bug tracking systems as Jira and TFS
- Public speaking in information security conferences, e.g. BlackHat, DefCon, BSides, etc.
- Knowledge in P&L management
Job Status: Full Time