Manager, Application Security & Testing (onsite) in Fort Mill, South Carolina
THE TEAM YOU WILL BE JOINING:
Large, multi-billion-dollar services company in South Charlotte.
Highly respected and known for being an industry leader in their market.
Aggressive growth over the last several years both organically and through acquisitions.
Consistently ranked as one of the top employers in Charlotte.
WHAT THEY OFFER YOU:
Very strong leadership team; open door policy with lots of energy and ideas.
Some of the best employer benefits in the area - health, wellness, dental, 401 (k), flexibility, and more.
Ability to drive and build out your career - this exciting role is poised for growth and has a direct impact on the organization.
Brand recognition and career development - continuing education credits, professional networking opportunities, etc.
WHY THIS ROLE IS IMPORTANT:
Collaborate with Digital and Technology teams to plan, execute, and assess Information Security program testing and measurement initiatives.
Manage application security testing aligned with the Secure SDLC, including scoping penetration and red team assessments.
Lead security testing and measurement capabilities enhancement within the SBR SDLC, fostering partnerships with various teams.
Contribute to security and technology strategic planning to integrate risk governance into the CISO enterprise strategy.
Oversee secure code practices, execute security testing strategy, coordinate penetration tests, and ensure secure outcomes across development phases.
THE BACKGROUND THAT FITS:
Relevant professional certifications: GIAC, CISA, CISM, CRISC, CISSP or equivalent desired
3-5 years’ experience in application security testing methodologies and implementing Secure SDLC practices.
Management of third-party testing services, along with expertise in integrating Threat Modeling into the SDLC.
Proficiency in cloud computing concepts, DevOps tools (AzureDevops, Kubernetes, Docker, Chef, etc.), and experience with cloud platforms like AWS, Google, Azure.
Comprehensive understanding of security, web-based and infrastructure vulnerabilities, as well as source code management, build and deployment technologies.
Proficient in vulnerability assessments, security issue articulation, and familiarity with security testing tools (Checkmarx, AppScan Source, Fortify, etc.). Effective communication, strategic planning, and advanced knowledge of the Security industry operations and technologies.