Application Security Associate Director in New York, NY at Open Systems Technologies

Date Posted: 10/28/2019

Job Snapshot

Job Description

A post-trade financial services company providing clearing and settlement services to financial markets is currently seeking an Application Security Associate Director to join their team in New York City. 

Responsibilities: 

  • Collaborate and guide Application Development / Security Mavens to follow security gates set in company's SDL
  • Evaluate internal Technology Risk Processes and provide process governance
  • Liaise with customer relations and team responsible to address external requests related to AppSec 
  • Coordinate security training for company's development staff with SATEC and LTM 
  • Coordinate Security Mavens training and manage monthly meetings 
  • Manage and update Key Performance Indicators (KPI’s) for Application Security Assurance Program
  • Coordinate with team members and TRM policy management to ensure control standards and policies are up to date 
  • Manage application security threat modeling process and coordinate application threat models against company's applications 
  • Liaise with various internal teams for Application security initiatives and automation efforts 
  • Manage new projects and initiatives related to application security as needs arise 
  • Evangelize application security within the firm and work with Application Development Security Mavens to incorporate new program direction into applications 
  • Coordinate with team members to track internal audit and regulatory assessments and address requests related to the Application Pentest, SAST and FOSS 
  • Conduct presentations on application security topics for TRM and AD management 
  • Provide regular status updates on all assigned tasks and deliverables
  • Maintains issue logs, track/follow up on problems
  • Mitigate risk by following established procedures and monitoring controls, spotting key errors and demonstrating strong ethical behaviors 

Skills: 

  • Must have a Bachelor's degree in Computer Science or related field; Master's degree preferred 
  • 10+ years of related experience 
  • Strong understanding of  Software Development Life Cycle Methodologies- Waterfall, Agile 
  • Knowledge of Application Security Vulnerabilities (as listed in OWASP Top 10), Security Testing methodologies and related tools (Fortify, WebInspect, BurpSuite)
  • Strong knowledge and familiarity with Operating system administration- Windows & Linux
  • Programming experience (C/C++, Java/J2EE, Javascript, AJAX, PHP, Visual Studio etc.) will be an added advantage
  • Project Management Certification such as PMI is a plus
  • Technical certifications such as CISSP, CISM is a positive
  • Must have a strong interpersonal skills to work with different teams within and outside of the organization 

Job category:
  • Information Technology
Job keywords:
  • SDLC
  • C++
  • Java
  • J2EE
  • CISSP
  • Project Management