Vice President – Application Security Engineer

Vice President – Application Security Engineer

Requirements

• Proven experience in application security with a focus on application security testing and vulnerability management.
• Hands-on experience with Application Security tools.
• Strong understanding of common application vulnerabilities (e.g., OWASP Top 10) and mitigation techniques.
• Experience with threat modelling methodologies and tools.
• Proficiency in at least one programming language (e.g., Java, Python, JavaScript).
• Excellent communication and collaboration skills, with the ability to work effectively in cross functional teams.
• Strong understanding of risk management.

Responsibilities

• Perform Application Security scans (e.g. DAST and SCA) on applications and APIs to identify security vulnerabilities and weaknesses.
• Triage security findings and collaborate with development teams to prioritize and remediate identified vulnerabilities.
• Drive threat modelling as a standard part of the SDLC, and develop and maintain threat models for critical applications, identifying potential security risks and proposing mitigations.
• Drive the Security Champions program, and define and promote secure coding practices, patterns, and standards across development teams.
• Conduct security reviews and provide guidance on security requirements for new features and projects.
• Assist in the analysis, selection and rollout of new application security tools, processes, and standards.
• Stay up to date with the latest security threats, vulnerabilities, and industry best practices.

Preferred Qualifications

• Degree in a technology discipline (Computer Science, Information Management, Computer Engineering, Cybersecurity or equivalent).
• Relevant security certifications (e.g. CISSP, CEH, CSSLP) or equivalent is preferred.