Information Protection Senior Advisor

About The Position

Requirements

• 8 plus years of experience in cybersecurity, with a focus on application and product security
• Bachelor’s or Master’s degree in Computer Science, Information Security, or a related field.
• Proven expertise in automating security solutions within development pipelines (CI/CD)
• Strong understanding of various pipeline touchpoints and integration methods.
• Cloud experience (AWS, Azure, Google Cloud) is highly desirable.
• Familiarity with modern security technologies, practices, and standards.
• Strong knowledge of secure software development practices and principles.
• Industry certifications such as CISSP, CISM, CEH, or similar are preferred.
• Excellent leadership and team management skills.
• Strong communication, relationship-building, and negotiation skills.
• Ability to work effectively in an Agile environment.

Nice To Haves

• Knowledge of regulatory and compliance frameworks (e.g., GDPR, HIPAA, PCI-DSS).
• Hands-on experience with security automation and orchestration.
• Proficiency in programming and scripting languages relevant to security (e.g., Python, Java, Shell scripting).
• Ability to manage and prioritize multiple projects in a fast-paced environment.
• Advanced degree (Master’s or higher) in Computer Science, Information Security, or a related field.
• Relevant industry certifications.
• Additional training in secure software development, application security, and risk management is highly desirable.
• Advanced expertise in secure software development practices, application security, and security tool integration.
• Proficiency in Angular and Java for security-related software development and integration.
• Extensive experience with AWS and other cloud platforms, with a focus on securing cloud-based applications and services.
• Hands-on experience with application security frameworks and tools, including security automation and orchestration.

Responsibilities

• Collaborate daily with development teams to identify and address security needs.
• Design, develop, and implement automated security solutions within CI/CD pipelines.
• Integrate and manage Automated Application Security Testing tools (Example: SAST, DAST, SCA, MAST etc.) across multiple development pipelines.
• Assist in the architectural design and implementation of secure software and systems.
• Conduct security assessments, threat modeling, and vulnerability analysis to ensure robust security measures.
• Develop and maintain security testing services and tools to support secure development practices.
• Provide technical guidance and support to development teams on security best practices.
• Stay updated on the latest security trends, threats, and technologies to continuously improve our security posture.
• Foster strong communication and collaborative relationships with development teams to promote a culture of security.
• Ensure compliance with industry standards and regulatory requirements.
• Maximize the security efficiency (operational, performance, and cost) of application assets.