Manager, Application Security

Overview

Job Description The Application Security Manager will partner with developers and technical managers to improve the Secure SDLC program and conduct application security assessments. The individual will be responsible for managing the team of application security analysts and analyzing potential security impacts and pitfalls associated with threats and vulnerabilities to applications and systems. Candidate will advise Business Owners, developers and technical teams on options to mitigate the risk. The candidate must have excellent verbal, written and interpersonal communication skills. This position reports to the Director of Enterprise Security Architecture. This position will have four direct reports (Application Security Administrators). This position requires knowledge of and past experience in application development, specifically Java. Responsibilities: - Improve and manage the application security program and the company wide secure development standards. - Communicate vulnerabilities risks and remediation methods to business owners, developers and technical teams - Strong knowledge of building security into continuous integration and delivery (CI/CD) pipeline - Perform security testing on applications using dynamic and static analysis tools - Manage penetration testing services, including both
internal and external managed services - Manage projects related to security portfolio to strengthen the overall CyberSecurity posture - Strong knowledge of script languages and build automation tools on an ad-hoc basis - Build security into infrastructure and architecture designs and guide the implementation with the operations team - Design and assess SaaS and IaaS cloud services and virtualization technologies, e.g. Amazon Web Services (AWS) and VMWare - Create and deliver knowledge sharing presentations and documentation to security, developers and operations teams Required skills & experience (the "must haves" to be considered) Education/Experience: - Requires bachelor's degree in computer science or information security - Requires a minimum of 7 years of professional IT work experience or a master's degree and 5 years of professional work experience - Minimum of 3 years of security or developing web applications experience - Minimum of 2 years of management or team lead experience - Experience reading and understanding code in the following languages such as HTML5, Java, JavaScript, Objective-C, C++, C#, Python, Perl, etc. Preferred (but not required) Licenses and Certifications: - CISSP, SANS Certifications - Programming Certifications Knowledge of: - Common vulnerabilities in the OWASP top 10 list - Protocols/technologies such as SOA, HTTP, SSL, LDAP, JDBC, Servlet/JSP, SQL, XML - Java Application and Java Application Server administration/tuning Skills and Abilities: - Ability to understand software design algorithms - Strong knowledge of one or more of the following programming languages: HTML5, ASP, - Java, Objective-C , C#, C++, SQL is preferred - Ability to write scripts in languages such as Python, BASH, or PowerShell for automation preferred - Ability to read and debug code What you need to know - This is a permanent opportunity in Newark, NJ. - There is a 10% bonus opportunity on top of the listed salary. - Relocation will be considered for the appropriate candidate.

Benefits

Company

A not-for-profit health service corporation- is best known for their managed care and traditional indemnity plans for individual and employers. Provides health insurance coverage for people throughout New Jersey.