Job responsibilities:
• Leading the designing and implementing of automated security tools throughout the product pipeline• Partnering with product team to drive shift-left security strategy preventing vulnerabilities in products early in development phase in the SDLC• Perform threat modeling and risk assessments to identify potential vulnerabilities and develop mitigation strategies• Conduct continuous application security testing, guide security champions and dev team and coordinate remediation efforts• Responsible for analyzing security of applications and services, identifying risks and compliance gaps, continuously seeking to improve compliance with established standards• High level understanding of application and network zero-trust journey• Advancing a culture of security by creating and sharing the vision through presentations, effective influence, and leveraging management support as needed.Required qualifications, capabilities, and skills• 9 to 10 years of relevant experience in Application and cloud security with secure SDLC working with distributed enterprise applications.• In-depth knowledge of security controls and testing techniques for each phase of the SDLC, including planning, design, development, testing, and deployment• Establishing vulnerability triage meetings with development teams to guide remediation of SAST, SCA, DAST, IAST vulnerabilities• Extensive knowledge of threat modeling methodologies and experience conducting threat modeling exercises for applications• Knowledge of core application security principles, common security vulnerability classes, their root causes and mitigations• Proven knowledge of designing and implementing AWS cloud security controls, and services• Build security metrics to track the effectiveness of our security excellenceprograms
#J-18808-Ljbffr…