Application Security Manager

Corporation Service Co Wilmington , DE 19801

Posted 3 months ago

Are you innovative and collaborative with an entrepreneurial mindset? Us too.

Application Security Manager

Wilmington, DE

What you'll do for us

  • Develop and manage an enterprise application security program to guide and assist business unit security teams in best practices for secure development and application vulnerability management

  • Develop and manage a team responsible for providing application security services that comply with established policies, procedures and standards.

  • Working within an Agile development organization

  • The position requires expertise of application security risk, cloud architecture, application threat modeling, policy writing

  • Excellent knowledge on security concepts: Web Access management, static and dynamic testing, Single Sign On, Federation, SAML, OAuth2.0, API Gateways and relevant IT architectures.

  • Promote DevSecOps culture in development teams and drive adoption of tools and practices as the teams transform to DevSecOps.

  • Assist with the implementation and execution of the application security program

  • Manages staff. Provides guidance, training, and motivation, as necessary to develop staff.

  • Develops strong working relationships with business unit development leaders.

  • Recommends the most appropriate system solutions in accordance with the business units long term goals and systems architectural guidelines and policies.

  • Develops and implements operational plans to achieve departmental objectives.

  • Manages special projects and performs other duties as assigned.

  • Coordinates activities and interacts extensively across department lines.

  • Engage with the Business and DevOps partners using a consultative & partnering approach

  • Evangelize application security within the company and work with Application Development teams to incorporate new program direction into applications

What we'll do for you

  • Empower you to find your own innovative solutions to challenges faced by some of the world's leading companies

  • Give you the freedom to explore, experiment, and implement out-of-the-box ideas

  • Provide excellent benefits for you and your family, including 401(k) with employer match, medical insurance, paid time off, tuition reimbursement, and more

What technical skills, experience and qualifications do you need?

  • Undergraduate degree in a related field or the equivalent combination of training and experience preferred

  • Ten years' software development experience, Five years secure development experience

  • Created or led application security team

  • Strong negotiation skills

  • Excellent written and oral communication skills

  • Excellent analysis and problem solving

  • Expert knowledge of the following project methodology practices and concepts: Secure software development, static and dynamic testing, web application firewalls

  • Web application security experience including OWASP Top 10 vulnerabilities, browser security, JavaScript security, and web safety

  • Ability to educate, mentor, consult and present to technical development staff

  • Deep understanding of web application attacks including SQLi, XSS, XXE, and other common security issues

  • Security Testing methodologies and related tools such as Fortify, WebInspect, BurpSuite, WihteSource

Why join us?

At CSC, we're always looking ahead, finding ways to improve and anticipate the future needs of our customers. Curiosity fuels our innovation and productivity drives our results. This proactive mindset has helped us adapt and create solutions that have enabled businesses to run smoother and smarter for more than 115 years.

CSC is committed to attracting, developing, and retaining talented people whose personal values align with ours. We empower our employees to bring the right solutions to market to meet customer demand. That is why we are the premier provider of global solutions for more than 180,000 businesses.

  • CSC is a great place to work with smart and dedicated people. We have been voted a Top Workplace for 12 consecutive years.

  • We offer challenging work and career opportunities. Most positions are filled with internal moves and employee referrals.

  • Employees are eligible for an annual success sharing bonus recognizing individual performance and a profit sharing bonus based on company performance.

  • CSC offers excellent benefits for you and your family, including 401(k) with employer match, medical/dental/life insurance, spouse and dependent life insurance, paid time off, tuition reimbursement, and more.

  • We recently completed building a new headquarters that supports current and future technology initiatives through open design, sit/stand workstations, digital interface points that enhance teamwork and collaboration, and alternative work environments with wireless access throughout the campus, including at our outside work areas. It's an exciting time for us in terms of growth and expansion.

About us

CSC is the world's leading provider of business, legal, tax, and digital brand services to companies around the globe. From keeping your business in compliance and streamlining operations, to protecting and promoting your brand online, we use our expertise and personal approach to help your business run smoother. We are the business behind business. We are the trusted partner for 90% of the Fortune 500, more than half of the Best Global Brands (Interbrand), nearly 10,000 law firms, and more than 3,000 financial organizations. Headquartered in Wilmington, Delaware, USA since 1899, we have offices throughout the United States, Canada, Europe, and the Asia-Pacific region. We are a global company capable of doing business wherever our clients areand we accomplish that by employing experts in every business we serve. CSC is an equal opportunity employer.

Disclaimer: The information above describes the general nature and level of work performed by employees in this role. It is not intended to be a description of all duties, responsibilities, and qualifications.

#LI-ES1


See if you are a match!

See how well your resume matches up to this job - upload your resume now.

Find your dream job anywhere
with the LiveCareer app.
Download the
LiveCareer app and find
your dream job anywhere
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Infosec Specialist Application Security

TD Bank Group

Posted 7 days ago

VIEW JOBS 12/12/2018 12:00:00 AM 2019-03-12T00:00 Company Overview About TD Bank, America's Most Convenient Bank® TD Bank, America's Most Convenient Bank, is one of the 10 largest banks in the U.S., providing more than 8 million customers with a full range of retail, small business and commercial banking products and services at approximately 1,300 convenient locations throughout the Northeast, Mid-Atlantic, Metro D.C., the Carolinas and Florida. In addition, TD Bank and its subsidiaries offer customized private banking and wealth management services through TD Wealth®, and vehicle financing and dealer commercial services through TD Auto Finance. TD Bank is headquartered in Cherry Hill, N.J. To learn more, visit www.tdbank.com. Find TD Bank on Facebook at www.facebook.com/TDBank and on Twitter at www.twitter.com/TDBank_US. TD Bank, America's Most Convenient Bank, is a member of TD Bank Group and a subsidiary of The Toronto-Dominion Bank of Toronto, Canada, a top 10 financial services company in North America. The Toronto-Dominion Bank trades on the New York and Toronto stock exchanges under the ticker symbol "TD". To learn more, visit www.td.com. Department Overview Building a World-Class Technology Team at TD We can't afford to be boring. Neither can you. The scale and scope of what TD does may surprise you. The rapid pace of change makes it a business imperative for us to be smart and open-minded in the way we think about technology. TD's technology and business teams become more intertwined as new opportunities present themselves. This new era in banking does not equal boring. Not at TD, anyway. TD Information Security covers the development and management of security strategies, policies and programs to assess, prioritize, and mitigate business risk with technology controls. Priorities include: mitigating and managing cyber security threats, ensuring systems availability, aligning with global regulatory risk and compliance requirements, managing systems and network complexity, and partnering with businesses for better technology delivery by providing advice on technology controls. There's room to grow in all of it. Job Description About This Role We are looking for someone to develop and implement Technology Controls and Information Security related policies, programs and tools. You will provide specialized expertise and guidance on assessing risks, identifying potential gaps and providing security solutions to mitigate risks and protect TD. You may also participate on projects of moderate to high complexity and provide complex reporting, analysis, and assessments at the functional, business line or enterprise level. Meaningful work is fueled by meaningful performance and career development conversations with your manager. Here are the essential job functions of this position: * Guide partners on a broad range of specific Technology Controls and Information Security programs, policies, standards and incidents. * Conduct risk assessment, required controls definition, control procedure appropriateness, vulnerability assessments and any other relevant areas. * Lead or contribute to the completion of risk and control design assessments for an assigned business application, business portfolio, and overall enterprise, as well as risk mitigation and remediation plans and remediation strategy. * Contribute to the definition, development, and oversight of a global security management strategy and framework. * Ensure technology, processes, and governance are in place to monitor, detect, prevent, and react to both current and emerging technology and security threats against TDBG's business. * Develop on-going technology risk reporting, monitoring key trends and defining metrics to regularly measure control effectiveness for own area. * Adhere to internal policies and procedures, technology control standards, and applicable regulatory guidelines. * Contribute to the review of internal processes and activities and assist in identifying potential opportunities for improvement. * Adhere to, advise, oversee, monitor and enforce enterprise frameworks and methodologies that relate to technology controls / information security activities. * Influence behavior to reduce risk and foster a strong technology risk management culture throughout the enterprise . Other duties as assigned * Driving Requirements: * Travel Requirements: Requirements What can you bring to TD? Share your credentials, but your relevant experience and knowledge can be just as likely to get our attention. Here are the minimum requirements for this position: * University Degree. * Information Security Certification / Accreditation an asset. * 7+ years of relevant experience. * Expert knowledge of IT security and risk disciplines and practices. * Advanced knowledge of of organization, technology controls, security and risk issues. * Demonstrated ability to participate in complex, comprehensive or large projects and initiatives. * Ability to serve as a lead expert resource in technology controls and information security for project teams, the business, organization and outside vendors. * Must be eligible for employment under regulatory standards applicable to the position. Qualifications Preferred Qualifications - These are the preferred qualifications for this role: * University Degree. Information Security Certification / Accreditation an asset. * 7+ years of relevant experience. * Development background (be able to read code) * Have an understanding of Application Security and OWASP Top 10 * 'Expert knowledge of IT security and risk disciplines and practices. * Advanced knowledge of organization, technology controls, security and risk issues. * Demonstrated ability to participate in complex, comprehensive or large projects and initiatives. * Excellent verbal and written communication skills * Familiarity with SDLC processes and methodologies * Software development experience a plus Hours 40 Inclusiveness At TD, we are committed to fostering an inclusive, accessible environment, where all employees and customers feel valued, respected and supported. We are dedicated to building a workforce that reflects the diversity of our customers and communities in which we live in and serve, and creating an environment where every employee has the opportunity to reach her/his potential. If you are a candidate with a disability and need an accommodation to complete the application process, email the TD Bank US Workplace Accommodations Program at USWAPTDO@td.com . Include your full name, best way to reach you, and the accommodation needed to assist you with the application process. EOE/Minorities/Females/Veterans/Individuals with Disabilities/Sexual Orientation/Gender Identity. TD Bank Group Wilmington DE

Application Security Manager

Corporation Service Co