Application Security Specialist
Role details
Job location
Tech stack
Job description
Job Description: Look for someone who has Application Security experience, has worked closely with software developers, conducted threat modeling and secure coding activities, integrated security tools into CI/CD pipelines, and ideally built or led a Security Champions Program or Community of Practice. Leadership, enablement, training, and influencing engineering teams are more important than deep penetration testing or network security experience., SOC Operations Not a fit. Pure Vulnerability Management Only: Nessus scans Patch management Server vulnerability remediation Not enough AppSec depth. Pure Penetration Tester Only: Ethical hacking Red teaming Bug bounty May lack program leadership and developer enablement. Pure DevOps Engineer Only: Kubernetes Terraform AWS deployment Need AppSec ownership and security leadership.
- Certifications to Prioritize Strong: CSSLP CISSP CRISC Good: GWAPT GWEB CASE Security+ Nice to Have: Scrum Master SAFe PMP
Requirements
-
Security Gates
-
Pipeline Security
-
Compliance Automation
-
Security Controls
-
Continuous Security Testing
Security Testing Tools
-
SAST
-
DAST
-
SCA
-
Static Analysis
-
Dynamic Testing
-
Software Composition Analysis
-
Vulnerability Management
Governance & Metrics
-
Security Metrics
-
KPIs
-
Dashboards
-
Compliance Reporting
-
Risk Management
-
Risk Register
-
Governance
-
Security Controls
Collaboration
-
Cross-Functional Leadership
-
Stakeholder Management
-
Program Management
-
Change Management
-
Community of Practice (CoP)
-
Security Champion Program, * Mend (WhiteSource)
CI/CD
-
Jenkins
-
GitHub Actions
-
GitLab CI/CD
-
Azure DevOps
Dashboards
-
Power BI
-
Grafana
-
Splunk
Collaboration
-
ServiceNow
-
Confluence
-
Jira
-
Microsoft Teams
Benefits & conditions
Irving, TX 75014 Hybrid work $55 - $60 an hour