Lead Security Engineer - Product & Testing (101244)
Location:
Posted:
September 08, 2016
Reference:
101244
POSITION PURPOSE - The Lead Security Engineer is responsible for performing product security assessments and will report to the Director of Product Security and Discovery. This creative and dynamic associate will work within the Product Security & Discovery team to execute penetration testing as well as static and dynamic analysis tasks in order to enhance the security posture of THD's internally developed as well as third party products. Additionally, this role will be responsible for developing and enhancing Product Security and Discovery's tooling and automation processes.
The Lead Security Engineer utilizes solid business knowledge and expert technical experience of security to provide a secure information environment for the business. Develop recommendations and take appropriate action. The purpose of the position is to provide effective Information Security services that: Continuously protect our critical information assets and brand name. Assure compliance with corporate and regulatory policies/standards & industry best practices. Simplify, enhance and enable business initiatives. Operates as a team lead providing technical direction to team members.
MAJOR TASKS, RESPONSIBILITIES AND KEY ACCOUNTABILITIES - This role will be responsible for performing product security assessments and will report to the Director of Product Security and Discovery. This creative and dynamic associate will work within the Product Security & Discovery team to execute penetration testing as well as static and dynamic analysis tasks in order to enhance the security posture of THD's internally developed as well as third party products. Additionally, this role will be responsible for developing and enhancing Product Security and Discovery's tooling and automation processes.
MINIMUM QUALIFICATIONS -
• Prior application security experience
• Experience designing, organizing and rolling out an application security program
• Excellent verbal, written and presentation skills
• Ability to partner and communicate effectively with IT and business leadership
• Knowledge of relevant information security best practices
PREFERRED QUALIFICATIONS -
• Development experience in Java and/or Python
• Prior application security testing experience:
- web applications
- mobile applications
• Prior secure code review experience
• Prior experience using enterprise grade static and dynamic analysis tools
• Excellent verbal, written and presentation skills
• Ability to partner and communicate effectively with developers
• Knowledge of relevant information security best practices
EDUCATION REQUIRED - The knowledge, skills and abilities typically acquired through the completion of a high school diplomas and/or GED.

YEARS OF RELEVANT WORK EXPERIENCE - 5

ADDITIONAL QUALIFICATIONS - Direct hands-on experience with one or more of the following InfoSec solutions: Anti-Virus, intrusion detection, firewalls, content filtering, risk assessment.
INDUSTRY CERTIFICATIONS - CISSP, CISM, CISA, CCFE, GIAC, CCIE, CCSP, CBCP, ABCP, MBCP. 1+ years' experience in network, system or application architecture design, implementation or support. 1+ years application security knowledge in an application used at THD. 7-10 years of related experience. BS Computer Science or related field, MS a plus.
" />
A little about us:
We recognize that military members are adept, motivated and hardworking. That’s why we made a commitment in 2012 to hire 55,000 veterans in 5 years!

Know someone who would be interested in this job? Share it with your network.