search > Salt Lake City jobs > Salt Lake City computer/technical

Posted: Monday, March 13, 2017 1:14 AM

The Application Security Program Manager will be responsible for leading Progressive LeasingA?s web and mobile application security program. This is a program management role focused on people, process and necessary tools to support Secure SDLC for Progressive LeasingA?s fast:paced application development environment and technology operations. It is a process management role focused on continuous improvement. Alternately, the role requires a grasp of application security principles and practices and a background working in an application development and coding environment within a business. What Youll Do: Drive an Application Security program through a very close working relationship with DevOps, application development and QA teams.Provide strong leadership and cross:functional / stakeholder communicationsMaintain documentation related to the Application Security program including the development of secure coding policies, procedures and standards, modification of the Software Development Life Cycle (SDLC) to include necessary security checkpoints, code review methodologies, etc.Implement and manage training programs to train developers on secure code development practices.Identify application security requirements early:on and incorporate into secure code development practices.Plan, coordinate, and lead teams with the design, integration, development, validation and implementation of specific security policies, systems and services.Evaluate new security trends and technologies.Lead the assessment and acquisition of application security tools and technologies.Participate as a subject matter expert in the incident response program.Attend design and application architectural reviews and actively lead discussions from a security standpoint. Minimum Experience and Qualifications: Minimum of 3+ years in program management over at least 2 or more of the following security functional areas: application security, authentication and authorization, identity and access management, dynamic application security testing, static application security testing, Middleware security, data security, security monitoring or SSO/2FA security, vulnerability management.Expertise in mitigating and addressing technology or application threat vectorsExpertise in building a defense in depth infrastructure security architecture that includes security controls across multiple technology stacksExperience with Web Application Firewalls, Runtime Application Self:Protection (RASP), Reverse Proxies, and security assessment tools/methodology (network, systems, and application)Solid knowledge and understanding of securing all major web server environments and cloud platforms based on OWASP top ten recommendationsDemonstrated knowledge of regulatory and statutory compliance requirements across industriesAn Information Security and/or Web application security certification; e.g., SANS GWEB or GWAPT, CSSLP.Familiarity with dynamic web application vulnerability scanning tools and services.Familiarity with static code analysis tools and services.Familiarity with high level programming languages. Job Requirements: BA/BS combined with 5+ years of overall information security experience and 3+ years of Program Management experience. Strong program development, program management and leadership skills including experience in developing, documenting and establishing application security programs and best practices.Deep application development / software development experience, understanding of security protocols and APIs.Understanding of application threat modeling and SDLC security practices.Curious, inquisitive, lifelong learner and self:starter.Strong documentation skills in writing application security policies, procedures and standards.Experience with agile software development methods using SCRUM preferred.Clear on responsibilities yet flexible and willing to A?carry waterA? during times of ambiguity.Able to effectively give, receive, and respond to feedback. Compensa


• Location: draper, Salt Lake City

• Post ID: 11350929 saltlakecity is an interactive computer service that enables access by multiple users and should not be treated as the publisher or speaker of any information provided by another information content provider. © 2017