Principal Cybersecurity Application Security Specialist

We are unable to sponsor for this permanent full-time rolePosition is bonus eligiblePrestigious Enterprise Company is currently seeking a Principal Cybersecurity Application Security Specialist. Candidate is recognized across the organization for functional expertise in application security and penetration testing. The Principal Cybersecurity Application Security Specialist will be required to effectively translate business objectives and risk management strategies into specific security technologies and services and will serve as an expert resource for those technologies.

• Serve as the Subject Matter Expert for a collection of critical cybersecurity technologies, possessing the highest level of expertise in the design, deployment, maintenance and remediation of those technologies
• Expert level of proficiency with application security scanning tools and foundational concepts of secure development principles
• Expert level of penetration testing skill against cloud applications, traditional applications and infrastructure
• Provides a clear technical capability roadmap for cybersecurity tools for which you are responsible, in coordination with Security Architecture
• Coordinate with Cybersecurity leadership and business owners to determine business needs and requirements
• Track developments and changes in the digital business and threat environments to ensure that they're adequately addressed in security strategy plans and architecture artifacts
• Validate IT infrastructure, applications and other reference architectures for security best practices and recommend changes to enhance security and reduce risks, where applicable
• Review security technologies, tools and services, and make recommendations to the broader security team for their use, based on security, financial and operational metrics
• Liaise with other practitioners across the Digital organization to share best practices and insights
• Mentor and grow junior level associates
• Will coach and mentor less-experienced engineers and act as team leader on more complicated digital projects.

• Bachelor's degree in computer science, information systems, cybersecurity, or a related field and a minimum of 7 years related work experience. An additional four years of relevant work experience may substitute for the Bachelor’s degree. A Master’s degree can substitute for 2 years of work experience.
• Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH) or Certified Information Systems Manager (CISM) preferred
• Strong communication and presentation skills
• Experience with deploying enterprise-wide, complex technology projects
• Experience and strong working knowledge of managing security infrastructure (e.g., firewalls, intrusion prevention systems (IPSs), web application firewalls (WAFs), endpoint protection, SIEM, and log management technology)
• Experience and strong working knowledge of vulnerability management tools
• Experience and a strong working knowledge of the methodologies to conduct risk assessment exercises on new applications and services
• Full-stack knowledge of IT infrastructure:
• Applications
• Databases
• Operating systems – Windows and Linux
• Hypervisors
• Networks – WAN, LAN, SCADA, Storage and Backup
• Direct experience designing IAM technologies and services:
• Active Directory
• Lightweight Directory Access Protocol (LDAP)
• Amazon Web Service (AWS) IAM
• Experience leading the deployment of applications and infrastructure into public cloud services
• V. Work Environment
• Listed below are key points regarding environmental demands and work environment of the job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions of the job.