Engineering - Dallas, Texas - Vice President, Security Engineering - 3524178

About The Position

Requirements

• Master’s degree (U.S. or foreign equivalent) in Cybersecurity, Computer Science, Computer Engineering, or a related field and three (3) years of experience in the job offered or a related Security Engineering role OR Bachelor’s degree (U.S. or foreign equivalent) in Cybersecurity, Computer Science, Computer Engineering, or a related field and five (5) years of experience in the job offered or a related Security Engineering role.
• Three (3) years of experience (with a Master’s degree) or five (5) years of experience (with a Bachelor’s degree) with: reviewing security controls and how they apply to different designs and systems in order to identify security gaps.
• Three (3) years of experience (with a Master’s degree) or five (5) years of experience (with a Bachelor’s degree) with: highlighting and articulating risk to developers or engineers in an understandable language.
• Three (3) years of experience (with a Master’s degree) or five (5) years of experience (with a Bachelor’s degree) with: engaging with applications teams to design and build security elements of the architecture.
• One (1) year of experience (with a Master’s degree) or three (3) years of experience (with a Bachelor’s degree) with: performing application vulnerability assessment and penetration testing of web applications.
• One (1) year of experience (with a Master’s degree) or three (3) years of experience (with a Bachelor’s degree) with: performing code review of web application programming languages such as Java.
• One (1) year of experience (with a Master’s degree) or three (3) years of experience (with a Bachelor’s degree) with: performing assessments of technologies leveraging common web stack technologies such as Java.
• One (1) year of experience (with a Master’s degree) or three (3) years of experience (with a Bachelor’s degree) with: performing architecture review of web applications.

Responsibilities

• Perform Application Security Assessments (Code Review, Penetration Test, Design Review, Threat modelling) and communicate the results to the respective application engineers.
• Review Application Security architecture, policies, standards definitions, and carry out documentation of the above.
• Identify vulnerabilities in software applications and software designing processes to reduce security risks.
• Actively research new cloud services and identify ways in which the Firm can leverage the Cloud in a secure manner.
• Work with stakeholders to understand the design architecture of software components to analyze security threats and risks.
• Perform security threat analysis to determine the exploit vectors and paths for software components.
• Write and socialize test cases to verify assumptions from threat analysis.
• Document issues along with detailed recommendations for how to address issues.
• Share issues and recommendations with component owners and advise on how they can implement secure remediation.
• Stay up to date with new technologies and assist engineers in assessing risk.
• Enable a world-class cyber defense program by working closely with other technical, incident management, and forensic personnel to develop a fuller understanding of activity of cyber threat actors.
• Provide security consulting within the Firm as needed.