Posted in General Business 30+ days ago.
Type: Full-Time
Location: Roswell, Georgia
Application Security Architect
Overview:
Provide strategic direction and day-to-day leadership for the Application Security function in order to comply with corporate policies, and regulatory requirements. Serve as the central point of contact for the Application Security inquiries, incidents and consulting across the organization.
Responsibilities:
Create and prioritize application plans to drive security improvements
Work effectively with a cross-functional team to identify areas for process improvement and efficiency gains
Propose and lead improvements based on knowledge and practical application of information security best practices, including but not limited to threat assessment, vulnerability prevention and secure coding practices
Collaborate with key stakeholders including senior leadership to research, develop and then implement a security strategy for web and mobile applications
Provide technical leadership, including performance management, development plans, and excellent communication
Organize and lead technical training and direction for team members as required
Mature and help implement Threat Modeling capability with SDLC and Application development efforts
Partner with DevOps team to evaluate, integrate and onboard security tools such as SAST, RASP, open source scanning into the DevSecOps life cycle
Conduct application (Web, Mobile, API) penetration testing and coordinate external testing when required
Flexibility to change direction and manage conflicting demands
Required Experience / Qualifications:
10 years progressive Information Technology experience or equivalent specialized skills with 8-10 years of application security and/or application pentesting experience
Experience in deploying, managing and integrating static analysis (SAST) and dynamic analysis (DAST) tools and processes
Experience in conducting and teaching web application penetration tests
Strong web application security experience with thorough understanding of web application, mobile application, and API vulnerabilities
Knowledge of application Security Architecture and ability to perform risk assessments on identified applications
Development background in .Net, Java, Perl, Python a plus
Strong knowledge of Security Standards, frameworks and groups (OWASP, WASC, OSSTMM)
Knowledge of the software development lifecycle under agile environment in a large enterprise
Knowledge of database, application and Web server design
Knowledge of current and emerging security technologies, threats and techniques for exploiting security vulnerabilities
Knowledge of network exploitation, ethical hacking, penetration testing and tool development a plus
Knowledge of public cloud services a plus (preferably AWS, Azure)
Education:
Bachelor's degree in Computer Science, Information Technology or equivalent
Advanced degree preferred
Certifications including CISSP, CSSLP, CASE, GWEB, or similar preferred
Kimberly-Clark and its well-known global brands are an indispensable part of life for people in more than 175 countries. Every day, 1.3 billion people - nearly a quarter of the world's population - trust K-C brands and the solutions they provide to enhance their health, hygiene, and well-being. With brands such as Kleenex, Scott, Huggies, Pull-Ups, Kotex, and Depend, Kimberly-Clark holds No.1 or No. 2 share positions in more than 80 countries. With more than 140 years of history of innovation, we believe in recruiting the best people and empowering them do their best work. If fresh thinking and a passion to win inspire you, come Unleash Your Power at Kimberly-Clark.
For Kimberly-Clark to grow and prosper, we must be an inclusive organization that applies the diverse experiences and passions of its team members to brands that make life better for people all around the world. We actively seek to build a workforce that reflects the experiences of our consumers. When you bring your original thinking to Kimberly-Clark, you fuel the continued success of our enterprise. We are a committed equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, sexual orientation, gender identity, age, pregnancy, genetic information, citizenship status, or any other characteristic protected by law.
The statements above are intended to describe the general nature and level of work performed by employees assigned to this classification. Statements are not intended to be construed as an exhaustive list of all duties, responsibilities and skills required for this position.
This position may require a post-offer/pre-hire Physical Abilities Test (PAT) to confirm that individuals are able to perform the essential functions of the job.
K-C requires that an employee have authorization to work in the country in which the role is based. In the event an applicant does not have current work authorization, K-C will determine, in its sole discretion, whether to sponsor an individual for work authorization. However, based on immigration requirements, not all roles are suitable for sponsorship. This position is subject to drug and alcohol testing, including pre-employment testing.
Wellstar Health Systems
|
Veolia North America
|
Wellstar Health Systems
|