Head of Application Security

Recruiter
Information Security Solutions
Location
London (Greater)
Posted
10 Oct 2018
Closes
18 Oct 2018
Contract Type
Permanent
Hours
Full Time
Position Summary:

Seeking a motivated and collaborative security leader to run our rapidly growing application security team and our secure development lifecycle program. The person in this role will also lead in building the application secure strategy, design, deployment, and operations of all of our systems. This role requires impeccable interpersonal skills as well as a deep understanding of architecture and products.

The role holder must be technical and collaborative with an ability to influence technology leaders to build security into the Software Development Lifecycle.

Primary Responsibilities

Create a relevant strategy and vision for application security to ensure the reduction of risk on the applications.

Refine and drive widespread adoption of our secure development lifecycle process

Build partnerships with other development teams, be a source of expertise in security best practices.

Recruit, mentor and grow your team of application security analysts

Develop and deliver engaging and memorable security trainings

Project manage all application security team initiatives and

Manage enterprise wide penetration tests

Provide detailed guidance and support to teams in application vulnerability remediation

Guide your team in selecting and implementing automated application scanning, static analysis and related tools

Perform threat modelling, architecture and source code reviews.

Provide application security guidance on cloud environments as well as non-cloud environments

Communicate relevant metrics and trends to the technology leadership team.

Ensure stakeholder satisfaction

Requirements

Security leaders with deep empathy and a passion for helping others grow

Generalists who love learning new things and concocting creative security solutions for novel and risky functionality

5+ year of prior team lead or people management experience

7+ years’ experience in some combination of the following disciplines: web application security, cloud security, infrastructure security, penetration testing, secure software development, security tools development, architecture review and threat modelling

Experience with AWS, Java, Python, Ruby, and other modern open source languages and tools

Experience with static code analysis tools (Fortify)

Experience with dynamic code analysis tools (WebInspect)

Deep understanding of common web application attacks

Similar jobs

Similar jobs