Lead Application Security Engineer

Company: Little Caesars Pizza
Location: Lansing
Posted on: January 24, 2023

Job Description:

Job Summary

The Application Security Lead Engineer will serve as lead Technical Engineer for the Developer teams to solve complex application security problems in a timely and efficient manner. The incumbent will continuously evaluate the internal/external threat landscape, conduct security reviews leveraging existing tools and support application teams to ensure they are developed and operate in a safe manner. This position will be responsible for creating and maintaining documentation of processes and procedures, serve as a leader for Application Security initiatives and implementation projects and function as lead engineer in Cybersecurity Team. The Application Security Lead Engineer will be responsible to forming a strategy for application security and ensuring a comprehensive DevSecOps program is established and executed.

Key Responsibilities

Define, communicate, and drive the deployment and adoption of application security capabilities, solutions, and requirements.
Lead the design, development and strategic direction for application security practices, security guidance documentations, techniques, enablers, and processes.
Co-lead the creation of a comprehensive DevSecOps program and ensure program is effectively implemented in the application development process
Identify and evaluate existing or new application security technology and/or services to be used and build, maintain and run those technologies (SAST, DAST, IAST etc.)
Lead cooperation with Governance, Risk and Compliance to establish a training program for application security (technical and best practices).
Subject matter expertise in understanding the Open Web Application Security Project (OWASP) framework established vulnerabilities and aiding resolution with the development team as needed.
Subject matter expertise in interpreting software vulnerabilities and aid developers to close out software bugs, answer questions around best practices as it pertains to encryption, secure coding, secure data flows, etc.
Ensure security is built into the design upfront, perform threat modelling, and support cybersecurity requirements and testing for developments.
Create, revise, and maintain documentation of processes and procedures in the central knowledge base.
Evolve, maintain, and achieve metrics, measures and KPI associated with application security

Additional Key Responsibilities
Performs other duties as assigned by management.

Minimum Skills, Knowledge and Abilities
Bachelor's Degree in Computer Science, Computer Engineering, IT or a related technical field, or commensurate selection criteria experience.
Minimum of four (4) years of information technology with at least 3 years in IT Security.
Proven experience on both Linux-based and MS Windows-based system platforms with a strong IT technical understanding and aptitude for analytical problem-solving.
Demonstrated strong understanding of enterprise, network, system, and application-level security issues.
Demonstrated a strong understanding and practice of the Agile methodology
Proven experience with system hardening processes, tools, guidelines, and benchmarks.
Proven understanding of the current vulnerabilities, response, and mitigation strategies used in cyber security.
Strong team player - collaborate well with others to solve problems and actively incorporate input from various sources. Proven experience leading and motivating team members toward excellence and project completion.
Demonstrated ability in lead position for collaboration with application developers
Demonstrated customer focus - evaluate decisions through the eyes of the customer; build strong customer relationships and create processes with customer viewpoint.
Demonstrated analytical skills - continuously defines problems, collect, or interpret data, establish facts, anticipate obstacles, and develops plans to resolve; strong problem-solving skills while communicating in a clear and succinct manner effectively evaluating information / data to make decisions.
Demonstrated inherent passion for information security and service excellence.
Possess and displays excellent verbal and written communication skills; frequently expresses, exchanges, or prepares accurate information conveying information to internal and external customers in a clear, focused, and concise manner.
Demonstrated self-starter with proven leadership ability. Proven ability to work with little supervision or direction.
Proven ability to work under multiple deadlines with minimal supervision. Cite examples of successfully organizing and effectively completing projects where given little or no direction.
Solid foundation in networking and web security (SSL/TLS, OAuth, SAML, XSS, etc.),
Preferred Minimum Skills, Knowledge and Abilities
Security-related certifications are not required but are a plus (e.g., CISSP, SANS-GIAC, ISSAP, CISA) as are CISCO Certifications and Microsoft Certifications.

Keywords: Little Caesars Pizza, Lansing , Lead Application Security Engineer, Other , Lansing, Michigan