|Date Posted||January 10, 2019|
EXPECTED DURATION: Up to 18 months, renewed quarterly, based on business need, budget approvals and performance
WORK SITE: Research Triangle Park, NC 27709 (Onsite only)
INTERVIEW METHOD: 1st and 2nd Round - Webex / 3rd and Final Round - In Person
Description: 2 Positions
What You'll Do
• You will be part of a brand new program within the Information Security organization, driving CSDL (Secure Development Lifecycle) within the Client Enterprise. You will play a leadership role in assisting these groups in securely architecting/operating their offerings by aligning to the CSDL, industry standard methodologies, compliance and privacy requirements.
• You be responsible for driving adoption, identifying and defining new CSDL requirements and potentially helping our automated security validation development.
• This role is an excellent opportunity to be part of a world-class security organization and contribute to the security, privacy and data protection needs of a large enterprise that’s continually evolving its business models.
Who You Are
• You have a proven foundation of Secure Development Lifecycle (SDL) and a working knowledge of how various SDL requirements
• Applied knowledge of Agile Methodologies, DevOps and CI/CD with relevant experience in all phases of the application development
• You have a deep knowledge of various classes of security weaknesses and vulnerabilities and mitigations techniques. You are very familiar with the OWASP top 10.
• You demonstrate strong social and technical interpersonal skills, abilities to influence others at various levels of the company, and experience working with multiple programs and partners at once.
• You possess out-of-the-box thinking, analytical reasoning, and creative problem-solving skills.
• You are able to provide technical security training.
• You act decisively, are passionate, highly motivated and eager to affect significant impact to make Client more secure!
• 7+ years information security experience.
• College degree.
• Any additional technical training, including CCSP, CISSP, CCIE or cybersecurity related certifications is a plus.