Senior Manager - Application Security

Csaa Insurance Group Glendale , AZ 85301

Posted 1 month ago

Job Title

Senior Manager

  • Application Security

Requisition Number

R3512 Senior Manager

  • Application Security (Open)

Location

Glendale, Arizona

Additional Locations

Job Information

Are you a highly skilled Security professional that has a passion for Application Security in a DevOps world? Bring your proficiency to help us craft our IT Security program, next gen. Work closely with our Application Development teams to provide secure applications and foster DevSecOps theory and processes; aligning the overall security model with business goals and ongoing operations. You bring to this position a high-level of security expertise, a deep understanding of modern development languages and cloud platforms. You have a consistent record for driving product security initiatives and experience delivering software security at scale. You'll lead application security testing (SAST, DAST, and RASP), penetration testing, web application firewall management, and red teaming. Help us re-think what it means to be a secure insurance provider in a fast-changing, highly fierce market.

Your day could include and experience we would like to see :

  • You will mentor, guide, lead and direct the maturity of the application security team responsible for an enterprise program

  • You will guide the integration of secure development standards, tools, and processes into the development lifecycle

  • You'll support the development and implementation of a threat modeling framework, secure frameworks and libraries

  • You will support development design reviews and other InfoSec processes as application security expertise is required

  • You will provide domain expertise for maturing of an enterprise secure code training program for developers and other critical partners

  • You'll produce relevant application security metrics that demonstrate a continually improving application security posture

  • You will be a hands-on technical manager, leading a team that develops and supports application security services consumed by product teams

  • This position will utilize your technical expertise to deliver the next generation of software-defined security services and tools while integrating into product development processes

Education, Certifications and nice to have:

  • 7 or more years of Information Technology and Security experience

  • You have broad knowledge of IT Security technologies, process, techniques and a solid understanding of application security leading practices, including OWASP and CWE.

  • Considerable experience in code reviews, business logic assessment, and testing

  • Experience deploying cybersecurity solutions in a public cloud environment (IaaS, PaaS, SaaS)

  • Familiar with application security tools like BurpSuite Pro, SAST, DAST, RASP, nmap, Metasploit, and Kali Linux, etc.

  • Experience in 3rd-party testing tools such as Fortify, Veracode, WhiteHat, etc., is preferred

  • Proficiency working with and coding in Python, Node. js, JavaScript, Go, Ruby, PowerShell, Bash, and Scala. (SDK and RESTful API design/development is preferred)

  • Experience in secure coding and software development in various languages (C#,. NET, Java etc.)

  • You have recent experience with Agile development/Scrum teams, and enthusiastically incorporate security stories/requirements into SDLC (CI/CD) with product owners/managers

  • You have familiarity with HTML/CSS, JavaScript and UI/UX design and software quality assurance principles

  • You have deep knowledge of software, application design and architecture

  • You have substantial knowledge of TCP/IP, DNS, HTTP, HTTPS, VPN, SQL and other database technologies

  • CISSP, CEH, GWAPT, or OSCP certifications are highly desired

  • Bachelor's degree (in Information Technology or a related discipline) or equivalent experience

CSAA Insurance Group offers many benefits, including:

  • Comprehensive health care plans, including medical, dental, vision, and tax-deferred spending accounts.

  • Employee assistance, healthy pregnancy and wellness programs.

  • Paid time off, plus nine paid holidays and 24 hours of volunteer time off.

  • 401(k) plus company matching up to 6% and a cash balance pension program.

  • Paid training, tuition reimbursement, self-service training and career development opportunities.

Be part of a community that works:

At CSAA Insurance Group, we take pride in our values-based culture. Helping our employees have enriched lives and satisfying careers is how we work. Our employees appreciate the integrity and inclusion that is evident throughout our everyday interactions. We respect the diverse range of perspectives, backgrounds and cultures of our teams, and join together when it comes to helping our members, community or one another.

Headquartered in Walnut Creek, California, our community also works in Arizona, Colorado, Nevada, New Jersey and Oklahoma. Learn more about us at CSAA-Insurance.aaa.com/careers

Please submit your application to be considered. We communicate via email, so check your inbox to ensure you don't miss important updates from us.

We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

Must have authorization to work indefinitely in the US

  • LI-BA1
icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Application Security Penetration Tester

Csaa Insurance Group

Posted 3 weeks ago

VIEW JOBS 9/1/2019 12:00:00 AM 2019-11-30T00:00 Job Title Application Security Penetration Tester Requisition Number R3515 Application Security Penetration Tester (Open) Location Glendale, Arizona Additional Locations Job Information Are you a highly skilled Security professional that has a passion for Application Security in a DevOps world? Bring your proficiency to help us craft our IT Security program, next gen. You have a consistent record for driving product security initiatives and experience delivering software security at scale. You'll lead application security testing (SAST, DAST, and RASP), penetration testing, web application firewall management, and red teaming. You will be involved in developing security controls, defenses and countermeasures to ensure least-privilege access or to intercept and prevent internal or external attempts to infiltrate company email, data, e-commerce and web-based systems. Develops, maintains and publishes corporate information security standards, procedures and guidelines for company computing platforms. You are a specialist able to work in all phases of assignments in providing technological expertise to associates and other functional areas. Responsible for all project management and related activities for assignments of diverse scope and complexity. Help us re-think what it means to be a secure insurance provider in a fast-changing, highly fierce market. While we've been named a 'best place to work,' our proudest accomplishment comes from serving nearly 17 million AAA members in 23 states and Washington, D.C. For employees focused on identity access management engineering: * Develop strategies and oversees implementation and updates of Identity and Access Management technologies. * Assist in the review and update of information security policies, architecture, and standards. * Perform engineering for points of integration between IAM technologies and other systems. Provides installation and integration guidance to the system development staff. Documents developed resolutions. * Communicate security risks, support and recommendations to business colleagues as needed for security related issues. * Provide internal security consulting for complex application development, database design, network, and/or platform (operating system) efforts, helping project teams adhere to company and IT security policies, regulations, and standard methodologies. * Provides tier-3 support for incident resolution. For Employees focused on identity and access management analysis: * Evaluate business IAM requirements for company business application integration or service activation. * Plan, organize and lead requirement sessions and analyze business requirements for system access (role mining/role engineering). Prepare colleagues for their roles in participating in these sessions. * Ensure that frequent organizational changes involving user access needs are correctly translated to AM processes and automation. * Coordinate periodic user access certification with business colleagues or data owners. For employees focused on cyber threat, prevention, detection and response: * Research attempted or successful efforts to compromise systems security and designs countermeasures. * Analyze and makes recommendations to improve network, system, and application architectures * Provide information to management around the negative impression on the business caused by theft, destruction, alteration or denial of access to information and systems. * Create and maintain logical security reporting that facilitates logical security monitoring. This includes examining network, server, and application logs to identify trends, security incidents, potential threats or outages. * Lead response to audits, penetration tests and vulnerability assessments. CSAA Insurance Group offers many benefits, including: * Comprehensive health care plans, including medical, dental, vision, and tax-deferred spending accounts. * Employee assistance, healthy pregnancy and wellness programs. * Paid time off, plus nine paid holidays and 24 hours of volunteer time off. * 401(k) plus company matching up to 6% and a cash balance pension program. * Paid training, tuition reimbursement, self-service training and career development opportunities. Be part of a community that works: At CSAA Insurance Group, we take pride in our values-based culture. Helping our employees have enriched lives and satisfying careers is how we work. Our employees appreciate the integrity and inclusion that is evident throughout our everyday interactions. We respect the diverse range of perspectives, backgrounds and cultures of our teams, and join together when it comes to helping our members, community or one another. Headquartered in Walnut Creek, California, our community also works in Arizona, Colorado, Nevada, New Jersey and Oklahoma. Learn more about us at CSAA-Insurance.aaa.com/careers Please submit your application to be considered. We communicate via email, so check your inbox to ensure you don't miss important updates from us. We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexua orientation, age, marital status, veteran status, or disability status. Authorization is required to work indefinitely in the US * LI-SB1 Knowledge, Skills, and Abilities Required: Knowledge of security issues, techniques and implications across all existing computer platforms. Expertise in account management, password auditing, network based and Web application based vulnerability scanning, virus management and intrusion detection. Technical expertise in systems administration and security tools, combined with the knowledge of security practices and procedures. Able to work with a changing schedule that includes standard or non-standard business hours of work. Preferred: Proactively contribute to innovation efforts that support the alignment of security and IT technologies to business requirements with focus on user experience, performance, ROI, and TCO. Education and Work ExperienceRequired: Bachelor's or equivalent experience in Computer Science, Information Systems, or other related field. 8+ years of relevant experience SAS Certification Csaa Insurance Group Glendale AZ

Senior Manager - Application Security

Csaa Insurance Group