Job Description:
As a leader of the Application Security and Compliance team, you will provide guidance and your expertise through product secure development life cycle processes, security of products, advice and evangelization of developers on application security best practices, and prescribe actions. We are looking for a sharp, disciplined, application software security subject matter expert (SME) with deep technical expertise in Security, Cryptography, Authentication, Application Security, etc. to fill a security engineering leadership role.
The ideal candidate will have experience in architecting, building and delivering innovative and proactive secure solutions that are resilient to even the most sophisticated attacks of today and tomorrow. As a member of the Technology organization, this position will work closely with application development teams, security engineering, quality assurance, and information security teams across the organization.
Responsibilities:
Define and execute the strategy for cybersecurity initiatives independently for the Technology organization and in alignment with the company product initiatives
Responsible for the policy, implementation, and oversight of the application security program for the Technology group
Audit compliance with executive, legislative and company mandates affecting cybersecurity programs
Provide leadership to leverage IT resources in order to improve the security of applications being developed
Monitor and evaluate the progress of the cybersecurity initiatives and their accomplishments
Collaborate with peers and development personnel to promote the scalability, configurability, performance, security, customizability, and quality in our products
Support the Technology organization to shape new product directions as well as implement the product strategy with the perspective of ensuring secure applications
Perform periodic reviews and assessments of security architecture of all products and enforce best practices to ensure that appropriate security functions have been included in the application software design and architecture
Adhere to standard processes such as issue tracking, source code control, coding conventions, and the software development life cycle (SDLC)
Optimize and tune performance of products with security features enabled
Direct the development and implementation of the security vulnerability scanning systems and security program within R&D
Advise senior management on major application security decisions
Responsible for the efficient management and safeguarding of resources and assures internal controls meet company standards
Maintain current knowledge of relevant technology as assigned.
Work with development teams in Bedford, MA, Houston, TX, and Shanghai, China.
Desired Skills and Experience
10+ years software development experience in one or more of Java, JEE, .NET, C/C++ or C#
Certified Information Security Professional (CISSP), and Certified Information Security Manager (CISM) certifications would be a very strong plus
Experience in using application security tool, such as IBM AppScan is a plus
Experience in designing and building HTML5, CSS, JavaScript, XML, JSON, IIS Web Applications, Web Services, Enterprise Class Distributed Messaging Systems, and deep knowledge of integration patterns
Demonstrated ability working with Object-Oriented Design and other Software Patterns
Knowledge of lightweight UIs in HTML and JavaScript development
Good inter-personal, presentation and communication skills (special skills encouraged)
Experience in architecting, designing, developing, and debugging network-centric distributed software systems for the Enterprise
Experience in dealing with “Continuous Integration/build systems”
Proven history of working well in groups and with off-shore teams
Demonstrated ability to take on and be accountable in delivering initiatives without frequent supervision or assistance
B.S. or higher in Applied Math, Statistics, Computer Science, or related field; though Masters degree is not required, subject matter expertise in application software security is a must
Pass it on for Referral Bonus. Not the right role for you, but know someone we should meet? Share with him to earn $1,000 referral bonus.