Lead Application Security Engineer
Company: Little Caesars Pizza
Location: Lansing
Posted on: January 24, 2023
|
|
Job Description:
Job Summary
The Application Security Lead Engineer will serve as lead Technical
Engineer for the Developer teams to solve complex application
security problems in a timely and efficient manner. The incumbent
will continuously evaluate the internal/external threat landscape,
conduct security reviews leveraging existing tools and support
application teams to ensure they are developed and operate in a
safe manner. This position will be responsible for creating and
maintaining documentation of processes and procedures, serve as a
leader for Application Security initiatives and implementation
projects and function as lead engineer in Cybersecurity Team. The
Application Security Lead Engineer will be responsible to forming a
strategy for application security and ensuring a comprehensive
DevSecOps program is established and executed.
Key Responsibilities
Define, communicate, and drive the deployment and adoption of
application security capabilities, solutions, and requirements.
Lead the design, development and strategic direction for
application security practices, security guidance documentations,
techniques, enablers, and processes.
Co-lead the creation of a comprehensive DevSecOps program and
ensure program is effectively implemented in the application
development process
Identify and evaluate existing or new application security
technology and/or services to be used and build, maintain and run
those technologies (SAST, DAST, IAST etc.)
Lead cooperation with Governance, Risk and Compliance to establish
a training program for application security (technical and best
practices).
Subject matter expertise in understanding the Open Web Application
Security Project (OWASP) framework established vulnerabilities and
aiding resolution with the development team as needed.
Subject matter expertise in interpreting software vulnerabilities
and aid developers to close out software bugs, answer questions
around best practices as it pertains to encryption, secure coding,
secure data flows, etc.
Ensure security is built into the design upfront, perform threat
modelling, and support cybersecurity requirements and testing for
developments.
Create, revise, and maintain documentation of processes and
procedures in the central knowledge base.
Evolve, maintain, and achieve metrics, measures and KPI associated
with application security
Additional Key Responsibilities
Performs other duties as assigned by management.
Minimum Skills, Knowledge and Abilities
Bachelor's Degree in Computer Science, Computer Engineering, IT or
a related technical field, or commensurate selection criteria
experience.
Minimum of four (4) years of information technology with at least 3
years in IT Security.
Proven experience on both Linux-based and MS Windows-based system
platforms with a strong IT technical understanding and aptitude for
analytical problem-solving.
Demonstrated strong understanding of enterprise, network, system,
and application-level security issues.
Demonstrated a strong understanding and practice of the Agile
methodology
Proven experience with system hardening processes, tools,
guidelines, and benchmarks.
Proven understanding of the current vulnerabilities, response, and
mitigation strategies used in cyber security.
Strong team player - collaborate well with others to solve problems
and actively incorporate input from various sources. Proven
experience leading and motivating team members toward excellence
and project completion.
Demonstrated ability in lead position for collaboration with
application developers
Demonstrated customer focus - evaluate decisions through the eyes
of the customer; build strong customer relationships and create
processes with customer viewpoint.
Demonstrated analytical skills - continuously defines problems,
collect, or interpret data, establish facts, anticipate obstacles,
and develops plans to resolve; strong problem-solving skills while
communicating in a clear and succinct manner effectively evaluating
information / data to make decisions.
Demonstrated inherent passion for information security and service
excellence.
Possess and displays excellent verbal and written communication
skills; frequently expresses, exchanges, or prepares accurate
information conveying information to internal and external
customers in a clear, focused, and concise manner.
Demonstrated self-starter with proven leadership ability. Proven
ability to work with little supervision or direction.
Proven ability to work under multiple deadlines with minimal
supervision. Cite examples of successfully organizing and
effectively completing projects where given little or no
direction.
Solid foundation in networking and web security (SSL/TLS, OAuth,
SAML, XSS, etc.),
Preferred Minimum Skills, Knowledge and Abilities
Security-related certifications are not required but are a plus
(e.g., CISSP, SANS-GIAC, ISSAP, CISA) as are CISCO Certifications
and Microsoft Certifications.
Keywords: Little Caesars Pizza, Lansing , Lead Application Security Engineer, Other , Lansing, Michigan
Click
here to apply!
|