Application Security Director
New York, NY

Direct Hire


We are currently looking for an Application Security Director for our Healthcare Client in New York City (10017). This would be a Full-Time (Direct Hire) Remote position; compensation depends on experience. 10+ years of experience within Information Security and 7+ years within Application Security preferred.

Roles & Responsibilities:

  • Lead the Application Security program as an AppSec SME throughout a global technology organization with in-house developed applications and various legacy and modern systems within data centers and the cloud.
  • Lead and mentor a team of AppSec professionals across the DevSecOps, SAST/DAST, Software Composition, and SDLC disciplines.
  • Develop enterprise policy and technical standards with specific regard to application security management and secure development standards.
  • Document technical issues identified during AppSec assessments and correlate technical issues across applications to update application security standards.
  • Define and report on AppSec assessments utilizing the Common Vulnerability Scoring System (CVSS) classifications and standards.
  • Fully understand business requirements and work with them to define appropriate solutions for security objectives while meeting the business need.
  • Aware of Azure, OpenShift, Docker, Kubernetes – bringing security tooling to DevOps and driving tool chain automation
  • Have experience evaluating, building, deploying, and managing best-in-class commercial and open-source application security testing tools at enterprise scale
  • The focus will be on managing application security testing tools (commercial and open source) and vulnerabilities discovered, improving scan policies and coverage, bringing in new and appropriate security tooling, and integrating security tools into DevSecOps
  • Well aware of Azure, OpenShift, Docker, Kubernetes – bringing security tooling to DevOps and driving tool chain automation

Requirements:

  • Bachelor’s degree in Computer Science, or related discipline, or equivalent work experience.
  • Typically a minimum of ten years’ related work experience in Information Security, preferably with at least 7 years of experience in Application Security.
  • Strong interpersonal skills, including executive communication to senior leadership
  • Experience in software development in a prior role is a big plus; should have experience in application pen testing SAST/DAST using methodologies.
  • Security certifications (CEH, CCSP, CISSP, OSCP) are also a plus

Please note: This is not open to 3rd party c2c agencies. No visa sponsorship provided. All applicants must have permanent US work authorization and not require sponsorship now or in the future.

