Job Description :
Our client is looking for a Lead Security Engineer to ensure that their applications, websites, and services are designed to exceed the highest of security standards. As part of their Information Security and Risk Management team, this person will have a passion for DevSecOps, discovering security issues and working with development teams to address vulnerabilities. In addition, you will lead application security assessments, tooling and will establish strong partnerships with development teams across all of company.

Lead DevSecOps objectives to ensure applications are secure, while ensuring the needs of the CI/CD are met
Lead solution evaluations around new security capabilities, to include conducting proof of concepts and managing relationships with vendors
Experience with automation through solutions such as Chef, Puppet, Jenkins, and Ansible
Experience in Java, Javascript, or Ruby
Advocate secure coding practices throughout organization
Demonstrate security leadership across the organization
Work with development teams to acquire deep understanding and knowledge of business processes
Developing and designing service offerings through open source solutions such as Burp Suite
Experience with application security tools such as Checkmarx, Whitehat and Client WebInspect/Fortify
Knowledge of OWASP Top 10 and SANS Top 25
Ability to automate DAST/SAST solutions and reporting
Experience with threat modeling methodologies such as STRIDE
BS degree in Computer Science or equivalent experience (Not a must have)
OSCP Certification is needed
Strong written and verbal communication
5+ years of experience in application security and code-level auditing
2+ years of security experience in agile environments
Experience with scripting languages is required
CISSP certification is a plus.