Manager, Application Security

About The Position

Requirements

• Bachelor's Degree in computer science, Information Technology, or a related field. required
• Bachelor’s degree may be substituted with years of related experience (in addition to minimum required experience), or an equivalent combination of education and experience.
• Relevant certifications (e.g., AWS Certified Security Specialty, CISSP, OSCP). required
• 8 years of experience in Information Technology required
• 6 years of experience focused on application development, application security, or security compliance related activities required
• Prior Experience in highly regulated industries required
• Prior Experience in a supervisory/management role required
• Knowledge of compliance frameworks as they relate to cloud and application security.

Responsibilities

• Participates in architecture design, development, and implementation initiatives to ensure security is appropriately addressed and follows industry standards.
• Partners with Infrastructure Security, Threat Management, Information Technology, Product, and Compliance teams to integrate application related security controls and best practices into applications and GitHub repositories.
• Acts as a liaison between technical and non-technical teams, translating security requirements into actionable tasks and ensuring alignment with business objectives.
• Leads the implementation of security automation in GitHub, EKS, IaC, and other technology utilized in application development and hosting, collaborating with DevOps to embed security in CI/CD pipelines.
• Applies OWASP, FFIEC, NIST, AWS, and other standards as appropriate to guide security assessments and remediation efforts.
• Reviews IAM policies and permissions with cloud administrators to ensure least-privilege access and regulatory compliance for cloud applications.
• Participates in internal and third-party security assessments and provides security risk analysis of identified findings and recommended remediation efforts.
• Partners with Information Technology for application vulnerability scanning including both SAST and DAST scanning as appropriate.
• Tracks and reports on application related security metrics, incidents, and improvements to leadership and stakeholders.
• Develops and delivers or coordinates training sessions for cross-functional teams on secure coding, DevSecOps principles, and relevant security standards (OWASP, FFIEC, NIST, AWS).
• Provides thought leadership over application security matters. Maintains knowledge of information security trends, technologies and related regulatory issues.
• Fosters a culture of security awareness and continuous improvement across all departments.
• Participates in security team rotational on-call schedule.
• Oversees security assessments of CoBank’s third-party and vendor relationships to identify security risk associated with those third parties.
• As a people manager at CoBank, you will be expected to manage and lead associates. Responsibilities include, but are not limited to, associate performance management, talent strategy, workforce planning, change management, conflict resolution, and relationship management. You will drive and be accountable for the team’s development, alignment with the division’s objectives, as well as with CoBank’s strategy and mission.

Benefits

• Time-Off Packages, 15 days of vacation, 10 paid sick days and 11 paid holidays
• Competitive Compensation & Incentive
• Hybrid work model: flexible arrangements for most positions
• Benefits Packages, including Medical, Dental and Vision coverage, Disability, AD&D, and Life Insurance
• Robust associate training and development with CoBank University
• Tuition reimbursement for higher education up to $10k per year
• Outstanding 401k: up to 6% matching and additional 3% non-elective contribution & Student Loan Match
• Community Impact: United Way Angel Day, Volunteer Day and Associate Directed Contribution
• Associate Resource Groups: creating a culture of respect and inclusion
• Recognize a fellow associate through our GEM awards