Key Responsibilities
Lead the application security team, providing strategic direction and mentorship.
Develop and implement a comprehensive Secure Software Development Lifecycle (SSDLC) framework.
Oversee the integration of security practices into all phases of the software development lifecycle.
Conduct risk assessments and threat modeling to identify and mitigate potential security vulnerabilities.
Collaborate with development teams to ensure secure coding practices and adherence to security standards, while maintaining developer productivity.
Implement and manage security automation tools and processes to enhance the efficiency of security operations.
Stay up-to-date on the latest security trends, vulnerabilities, and technologies to continuously improve our security posture.
Provide expert guidance on security architecture and design for new and existing applications.
Lead incident response efforts related to application security breaches and vulnerabilities.
Foster a culture of security awareness and continuous improvement within the organization.
Bachelor's degree in Computer Science, Information Security, or a related field. Advanced degree preferred.
Minimum of 8 years of experience in application security, with at least 3 years in a leadership role.
Proven experience in implementing and managing SSDLC frameworks.
In-depth knowledge of security frameworks and methodologies, including SALSA.
Strong understanding of secure coding practices and common vulnerabilities (e.g., OWASP Top Ten).
Proficiency in programming languages such as Java, Python, C#, or similar.
Experience with security tools and technologies such as static and dynamic analysis tools, vulnerability scanners, and penetration testing tools.
Excellent communication and leadership skills, with the ability and passion to drive change across the organization.
Relevant certifications such as CISSP, CISM, or CSSLP are highly desirable.
Proven experience in a similar role at another leading software development company.
