Lead Cybersecurity Application Engineer

We are unable to sponsor as this is a permanent full time roleA prestigious company is on the search for a Lead Cybersecurity Application Security Engineer. This engineer will be working with application security penetration testing. They are expected to have experience and strong working knowledge of managing security infrastructure (e.g., firewalls, intrusion prevention systems (IPSs), web application firewalls (WAFs), endpoint protection, SIEM, and log management technology)Responsibilities

• Serve as the Subject Matter Expert for a collection of critical cybersecurity technologies, possessing the highest level of expertise in the design, deployment, maintenance and remediation of those technologies
• Expert level of proficiency with application security scanning tools and foundational concepts of secure development principles
• Expert level of penetration testing skill against cloud applications, traditional applications and infrastructure
• Provides a clear technical capability roadmap for cybersecurity tools for which you are responsible, in coordination with Security Architecture
• Coordinate with Cybersecurity leadership and business owners to determine business needs and requirements
• Track developments and changes in the digital business and threat environments to ensure that they're adequately addressed in security strategy plans and architecture artifacts
• Validate IT infrastructure, applications and other reference architectures for security best practices and recommend changes to enhance security and reduce risks, where applicable
• Review security technologies, tools and services, and make recommendations to the broader security team for their use, based on security, financial and operational metrics

• Education: Bachelor's Degree (accredited) in computer science, information systems, cybersecurity, or a similar area of study, or in lieu of degree, High School Diploma or GED (accredited) and 4 years of relevant experience.
• Experience: A minimum of 7 years related work experience. An additional four years of relevant work experience may substitute for the Bachelor’s degree. A Master’s degree can substitute for 2 years of work experience.
• Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH) or Certified Information Systems Manager (CISM) preferred
• The Principal Cybersecurity Application Security Specialist should have a minimum of 5-7 years of direct, documented, and verifiable experience with the following:
• Experience and strong working knowledge of managing security infrastructure (e.g., firewalls, intrusion prevention systems (IPSs), web application firewalls (WAFs), endpoint protection, SIEM, and log management technology)
• Experience and strong working knowledge of vulnerability management tools
• Experience and a strong working knowledge of the methodologies to conduct risk assessment exercises on new applications and services
• Full-stack knowledge of IT infrastructure:
• Applications
• Databases
• Operating systems – Windows and Linux
• Hypervisors
• Networks – WAN, LAN, SCADA, Storage and Backup
• Direct experience designing IAM technologies and services:
• Active Directory
• Lightweight Directory Access Protocol (LDAP)
• Amazon Web Service (AWS) IAM
• Experience leading the deployment of applications and infrastructure into public cloud services