Lead Application Security Architect (Hybrid)

Eversource Energy-posted about 17 hours ago
Full-time • Mid Level
Hybrid • Berlin, CT
5,001-10,000 employees
Resume
Match Score
Upload and Match ResumeTrack Jobs with Teal

As the Lead Application Security Architect, and as part of the Cybersecurity Architecture team at Eversource, you will lead a team that works alongside other cybersecurity specialists within the Cybersecurity, Network, and Compliance organization. You’ll have the opportunity to shape Application Security and collaborate across multiple business lines and technical domains. One of your primary tasks will be a focus on security issues involving secure coding and secure design. You will lead a team and assist others in resolving security issues by offering alternative coding solutions and other means. You will also work with project teams and business management to promote a security mindset. The Lead Application Security Architect will interact closely with the technology and business colleagues associated with projects. They will deliver project level planning, design, and implementation of security solutions and controls related to Secure Software Development Life Cycle (SSDLC) (e.g. code review, risk assessments, threat modeling, static code analysis, and dynamic application scanning) You will aid the firm in remaining at the forefront of industry trends, best practices, and technological advances in application cybersecurity.

  • Lead Application Security for multiple cybersecurity architecture and process implementations across business lines to achieve security objectives.
  • Cultivate security culture with your product technology and business colleagues.
  • Build a vision around the next level of security maturity for application developers, with inputs from the security organization and work with Cyber Security leadership to deliver on that idea.
  • Serve as an application security thought leader.
  • Be recognized in the enterprise as the clear point of escalation and subject matter expert for Application Security and associated IT Risk.
  • Serve as an appsec cyber risk advisor to the leadership team and help prioritize initiatives with the greatest ROI.
  • Foster a culture of innovation, collaboration, and continuous improvement by developing and maintaining security policies, and testing and evaluating security tools and products.
  • 5+ years of senior level Cyber Security experience required.
  • Must have experience leading mid to large security initiatives and managing small teams within Security.
  • Must have a background performing cybersecurity code analysis. This includes identifying and resolving false positives, explaining vulnerabilities in simple terms to project teams, and serving as an escalation point for the appsec team.
  • Must have excellent communications and interpersonal skills and should be able to convey technical aspects to personnel who may not be well-versed in those areas.
  • Must have experience with DevSecOps and Agile methodology.
  • Must be able to produce high quality oral and written work, presenting complex technical matters clearly and concisely with audiences ranging from peers to Sr. Management.
  • Experience with cloud methodology and terminology.
  • Experience working with cloud-based platforms and applications. Experience with Azure is preferred.
  • Experience with implementing and using static and dynamic analysis tools.
  • Experience using and/or maintaining Checkmarx, Burp Suite, or Contrast preferred.
  • Experience performing or interpreting penetration testing is preferred.
  • Experience with automating security operations within CICD workflows preferred.
  • Experience in writing code using a major programming language is preferred. Specifically, .NET.
  • Exhibits an exceptional degree of ingenuity, creativity and/or resourcefulness.
  • Be familiar with current and proposed laws, regulations, industry standards, and ethical requirements related to information security and privacy.
  • Bachelor’s Degree in Engineering, Computer Science, Data Science, Information Technology or related experience
  • 10 years related experience that includes 5 years of Senior level cyber security experience and:
  • Experience in Cross Domain Solutions
  • Must have excellent communications and interpersonal skills and should be able to convey technical aspects to personnel who may not be well-versed in those areas.
  • Experience working in regulated industries, in particular leveraging technology standards, frameworks, compliance, and industry recognized best practice / standards (e.g. NIST, ISO, PCI, SOC, CIP).
  • Exposure to projects using an Agile methodology and DEVSECOPS environment.
  • Experience leading mid to large security initiatives
  • Certification in Public Cloud Technology from one of the major Cloud Service Providers (e.g. AWS Certified Solutions Architect, Microsoft Azure Architect, Google Cloud Architect) or prominent independent organization such as ISC2.
  • Industry security certifications such as CISSP, CCSP, Azure certifications, HTB Certified Penetration Testing Specialist, or OSCP preferred.
  • Must be available to work emergency restoration assignment as required.
  • Must be available to travel between MA/CT/NH as necessary.
  • Experience with Azure is preferred.
  • Experience using and/or maintaining Checkmarx, Burp Suite, or Contrast preferred.
  • Experience performing or interpreting penetration testing is preferred.
  • Experience with automating security operations within CICD workflows preferred.
  • Experience in writing code using a major programming language is preferred. Specifically, .NET.
  • Industry security certifications such as CISSP, CCSP, Azure certifications, HTB Certified Penetration Testing Specialist, or OSCP preferred.
  • Eversource offers a competitive total rewards program.
  • Check out our careers site for an overview of our benefits programs.
  • This position is eligible for a potential incentive.
Track Jobs with Teal

Job Search Resources

Resume Builder
Resume Examples
Cover Letter Examples

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service