Job Description :
Direct Hire Position
No Third Party Applicants/Calls; No Corp to Corp Applicants; Visa Sponsorship Not Available

7+ to 10 years’ experience; Typically, 6 to 8 or more years of increasing responsibility in terms of any applicable professional experience
Seniority Level - Mid-Senior
Management Experience Required – No
Minimum Education - Bachelor''s Degree; Bachelor''s Degree or global equivalent in related discipline. Master''s degree or global equivalent a plus. Typically hold 2 or more industry certifications
Willingness to Travel – Occasionally (5%-20%)

1 or more of: CISSP, CISM, CompTIA Security +, GSEC, CCSP, CSSLP, HCISSP, GSE
6 or more years of increasing responsibility in terms of any applicable professional experience

This position is responsible for focusing on the strategy, development, implementation, and maintenance of the application security program across research, development, quality assurance, support, and IT systems. This is a high level, conceptual, as well as hands-on position that requires a great deal of general security experience, as well as application development experience and secure coding knowledge.

Seasoned, experienced senior level professional role. Evaluation, originality or ingenuity required. Know and apply the fundamental concepts, practices, and procedures of a field. Resolve a wide range of issues in creative ways. Assignments are typically broad in nature. Serve as a resource to others to resolve complex problems and issues. May take on project lead role as required. Typically, the fully qualified, career-oriented, journey-level position.

Work on problems of diverse scope where analysis of data requires evaluation of identifiable factors. Demonstrate good judgment in selecting methods and techniques for obtaining solutions. Network with senior internal and external personnel inside/outside own area of expertise.

Mentor more junior security engineers by leading and influencing technical decisions, processes, and best practices with a moderate ability to explain technical concepts in written and verbal forms

Advise in, and participate in, the design of secure products and architectures
Perform architecture security reviews, security focused code reviews, and security testing
Work closely with engineering and product teams to design and implement security-related systems and functionality, including writing secure code as necessary, and verification of threat models, risk and security posture
Monitor software usage and perform forensics to verify that the software is performing to the required security standards
Perform constant monitoring and awareness of key developments in web and client application security to provide direction of security trends, and anticipate emerging standards and best practices
Provide leadership, guidance and direction to security resources and be an influencer of development, systems, support, and quality assurance teams
Communicate to senior management by demonstrating a moderate skill in presenting technical concepts
Attend all meetings necessary for the seamless delivery of the product as part of the Software Development Life Cycle

Full understanding of industry practices and company policies and procedures
Excellent planning/ organizational skills
Excellent analysis and problem-solving skills
Excellent writing and communication skills
Excellent conflict resolution skills
Excellent decision-making skills
Excellent interpersonal skills
Work independently; receive minimal guidance
Professional maturity in delivering difficult messages in a professional and empathetic manner
Excellent negotiating skills
Able to contribute to moderately complex aspects of a project
Use skills to resolve complex issues in effective ways
Act as a resource for colleagues; may direct the work of other staff members
Ability to manage within a budget
Project management/ consultative skills

Advanced knowledge of secure application programming, coding life cycles and designs
Advanced understanding of security principles, best practices architectures, tools and processes
Advanced knowledge of multiple current operating systems and hosting environments
Good understanding of networking protocols
Advanced knowledge of software and network architecture and standards
Advanced knowledge of authentication protocol building blocks and methods
Basic ability to understand business drivers and priorities, and integrate these requirements into overall security design
Advanced ability to conduct threat assessments and assess risk
Good ability to create and maintain risk-based measures and build security processes that work within various development methodologies
Advanced ability to communicate security objectives orally and in writing to a variety of audiences
Basic knowledge of the technological security issues and challenges faced by corporations and governments around the world
Basic ability to project and predict outcomes based on security trends and industry requirements
Advanced knowledge of reverse engineering techniques and tools
Advanced ability to implement code derived from technical specifications
Advanced ability to problem solve/diagnose in a technical space
Advanced knowledge of all programming languages leverage in the products being secured
Advanced knowledge of data storage formats, tools and languages