Information Security Engineer 4

Innova Corporation Co. Ltd-posted 7 months ago
$65 - $70/Yr
Full-time • Mid Level
Charlotte, NC
Specialty Trade Contractors
Resume
Match Score
Upload and Match ResumeTrack Jobs with Teal

Innova Solutions has a client that is immediately hiring for an Information Security Engineer. As an Information Security Engineer, you will provide deep technical guidance on secure coding, vulnerability remediation, threat modeling, and security tools. You will serve as the escalation point for Satellite ASCs, ensuring QA/QC of findings, especially in high-risk and regulatory environments. You will lead and continuously enhance the Satellite ASC enablement journey, including onboarding, advanced training, and mentorship. Additionally, you will participate in and lead secure design reviews, code analysis, and architecture consultations across multiple development teams. Your role will also involve driving and maintaining automated security tooling integrations in CI/CD (e.g., SAST, SCA, secrets scanning, IaC reviews) and supporting the creation and tracking of security KPIs and metrics dashboards, helping measure risk reduction and program impact. You will help shape policy and control frameworks that balance developer velocity with security assurance and contribute to the governance and continuous improvement of the Satellite ASC Program. As a senior advisor and technical lead for the Satellite ASC Program, you will help define governance, oversight, and continuous improvement, partnering with Product, Engineering, and Risk leaders to define secure design patterns and control objectives for cloud and enterprise systems. You will also lead the review and escalation process for critical findings, ensuring alignment with enterprise risk tolerance, coach and guide other Core ASCs to raise overall capability and impact of the Core ASC Center of Excellence, and act as a liaison between cybersecurity and development teams to improve application security posture.

  • Provide deep technical guidance on secure coding, vulnerability remediation, threat modeling, and security tools.
  • Serve as the escalation point for Satellite ASCs, ensuring QA/QC of findings, especially in high-risk and regulatory environments.
  • Lead and continuously enhance the Satellite ASC enablement journey, including onboarding, advanced training, and mentorship.
  • Participate in and lead secure design reviews, code analysis, and architecture consultations across multiple development teams.
  • Drive and maintain automated security tooling integrations in CI/CD (e.g., SAST, SCA, secrets scanning, IaC reviews).
  • Support the creation and tracking of security KPIs and metrics dashboards, helping measure risk reduction and program impact.
  • Help shape policy and control frameworks that balance developer velocity with security assurance.
  • Contribute to the governance and continuous improvement of the Satellite ASC Program.
  • Act as a senior advisor and technical lead for the Satellite ASC Program, helping define governance, oversight, and continuous improvement.
  • Partner with Product, Engineering, and Risk leaders to define secure design patterns and control objectives for cloud and enterprise systems.
  • Lead the review and escalation process for critical findings, ensuring alignment with enterprise risk tolerance.
  • Coach and guide other Core ASCs to raise overall capability and impact of the Core ASC Center of Excellence.
  • Act as a liaison between cybersecurity and development teams to improve application security posture.
  • Provide guidance on secure coding practices and vulnerability remediation.
  • Serve as a subject matter expert on tools like Checkmarx, Fortify, Black Duck, Prisma Cloud.
  • Interpret results from SAST, SCA, and pen testing tools and translate into actionable guidance.
  • Support and lead training programs such as the Satellite ASC initiative.
  • Serve as an evangelist for secure development within the broader engineering community.
  • Experience in application security, secure development, or DevSecOps roles.
  • Experience in modern application architectures (e.g., cloud-native, microservices, APIs).
  • Experience scaling security programs in federated or decentralized models.
  • Certifications such as CSSLP, GWAPT, OSWE, or SANS/GIAC (GSSP, GWEB, etc.).
  • Experience working in Agile/DevOps environments using tools like GitHub, Jira, Azure DevOps.
  • Familiarity with compliance frameworks (e.g., NIST, ISO 27001, CRI Profile).
  • Experience in static/dynamic analysis tools (e.g., SAST, DAST, SCA, GHAS) and manual code reviews.
  • Familiarity with secure SDLC principles, threat modeling methodologies (STRIDE, PASTA), and OWASP standards.
  • Experience in understanding of secure SDLC and DevSecOps practices.
  • Experience in Fortify Code Analyzer.
  • Experience in CheckMarx.
  • Experience in Black Duck SCA.
  • Experience in SAST (Static Analysis Software Testing).
  • Medical & pharmacy coverage
  • Dental/vision insurance
  • 401(k)
  • Health saving account (HSA)
  • Flexible spending account (FSA)
  • Life Insurance
  • Pet Insurance
  • Short term and Long term Disability
  • Accident & Critical illness coverage
  • Pre-paid legal & ID theft protection
  • Sick time
  • Other types of paid leaves (as required by law)
  • Employee Assistance Program (EAP)
Track Jobs with Teal

Job Search Resources

AI Resume Builder
Network Security Engineer Resume Examples
Network Security Engineer Cover Letter Examples

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service