Campus Pride Jobs

The Lead Application Security Engineer will be a core member of the Threat and Vulnerability Management (TVM) team. The role will be responsible for supporting the organization's Application and API Security Program. This individual will lead efforts to identify, assess, and mitigate vulnerabilities across applications and APIs, delivering strategic guidance while collaborating closely with IT, Asset and Application Owners, and Senior Information Security Leadership to drive security initiatives. As an accomplished cybersecurity professional, the Lead Application Security Engineer will apply advanced expertise in application and API security, offensive security, risk assessment, and threat intelligence to proactively detect emerging cybersecurity threats and implement robust remediation measures. This role demands a deep understanding of key cybersecurity frameworks and standards, with a commitment to continuously enhance the security of the organization's applications, APIs, infrastructure, and data. #LI-DNI Corporate-wide Application Security and TVM security initiatives. Assessing IT and cybersecurity risks related to applications and identifying emerging application security threats. Managing, maintaining, and administering tools utilized for application security, including static and dynamic analysis tools. Maintains expert knowledge of security frameworks and standards - Ensures application security practices align with industry standards, such as OWASP, NIST, and CIS controls, and incorporates these into security policies and procedures. Conducts comprehensive application security assessments - Performs in-depth security testing and code reviews on new and existing applications to identify vulnerabilities and provides recommendations for remediation. Collaborates with IT and development teams - Works closely with development and DevOps teams to implement secure coding practices, communicates application-related risks, and supports efforts to secure the application lifecycle. Advises business units on application security controls - Partners with various business units to ensure application security controls are robust, appropriate, and effective, aligning security initiatives with business objectives. Participates in security planning and strategy sessions - Actively contributes to security-related meetings, project teams, and workgroups, offering expertise and strategic input on application security initiatives. Supports compliance and audit efforts - Assists with internal and external security audits, ensuring applications comply with regulatory requirements and industry standards. Promotes a strong security culture - Advocates for application security awareness and best practices throughout the organization, fostering a proactive approach to secure development. Develops and delivers application security reports - Prepares and presents reports on application security findings, offering insights and recommendations to stakeholders. Monitors and adapts to evolving security trends and regulations - Keeps abreast of new regulatory requirements, application security trends, and technology developments to inform and adjust security practices accordingly. Occasional travel for special assignments and professional development - Participates in specialized training, conferences, or office visits as needed to support application security objectives and team development. 5+ years of experience in information technology or information security, with a focus in one or more of the following areas: Application Security Offensive Security Secure Software Development Excellent written and oral communication skills, including the ability to: Deliver messages in a clear, compelling, and concise manner. Articulate complex security concepts in a way that is understandable by both technical and non-technical audiences. Tailor communication content and