Application Security, Lead

About The Position

Requirements

• Typically, 4-8 years of experience in application security, with significant hands-on experience using SAST/SCA/DAST tools and methodologies.
• Proven expertise in testing complex web applications, APIs, and mobile applications for security vulnerabilities.
• Strong understanding of application security standards (e.g., OWASP Top Ten, SANS CWE Top 25).
• Familiarity with programming languages and frameworks commonly used in web and mobile applications, including Java, Python, Bash/Shell Scripting, PHP, Javascript, etc.
• Familiarity with applying Artificial Intelligence (AI) or Machine Learning (ML) techniques in cybersecurity contexts (e.g., anomaly detection, threat hunting, behavioral analytics, or risk scoring).
• Strong understanding of CI/CD tools (e.g., Jenkins, Harness, GHA).
• Familiarity with containerization and orchestration (Docker, Kubernetes).
• Knowledge of cloud platforms (AWS, Azure, GCP) and their security features.
• Knowledge of Infrastructure as Code (Terraform, Ansible).

Nice To Haves

• Strong analytical and problem-solving skills.
• Excellent communication and collaboration abilities.
• Ability to work in a fast-paced, agile environment.
• Ability to lead security testing initiatives and mentor junior security engineers.

Responsibilities

• Lead the assigned Application Security team members.
• Design and maintain secure CI/CD pipelines.
• Integrate security tools like SAST, DAST, and SCA into development processes.
• Automate security testing and compliance checks.
• Monitor and respond to security incidents in cloud and container environments.
• Enforce security policies, standards, and procedures to be used in secure development.
• Conduct comprehensive vulnerability assessments on web applications, APIs, and mobile applications.
• Collaborate with development, DevOps, and security teams to incorporate DAST into CI/CD workflows.
• Analyze scan results, validate findings, and prioritize remediation efforts based on risk levels.
• Stay updated on emerging threats and vulnerabilities relevant to application security.
• Provide guidance and training on interpreting reports and strategies for remediation.

Benefits

• A work environment built on teamwork, flexibility, and respect.
• Professional growth and development programs to help advance your career, including tuition reimbursement.
• Team Member Vehicle Purchase Discount.
• Toyota Team Member Lease Vehicle Program (if applicable).
• Comprehensive health care and wellness plans for your entire family.
• Toyota 401(k) Savings Plan with a company match, plus an annual retirement contribution from Toyota regardless of your own contributions.
• Paid holidays and paid time off.
• Referral services for prenatal services, adoption, childcare, schools, and more.
• Tax advantaged Accounts (Health Savings Account, Health Care FSA, Dependent Care FSA).
• Relocation assistance (if applicable).