V-Soft Consulting is currently seeking an?Application Security Advisor?for our premier client in?Chicago,?IL. This is a?full-time?position.
Knowledge, Skills and Abilities ?
- 5+ years of experience in information security with 2-3 years of that experience within the Application Security domain.
- Previous Application Security Service or Product Owner experience
- Experience working in both Waterfall and Agile environments
- Enterprise level experience including managing and successfully delivering cross-functional initiatives.
- Industry recognized certifications such as CISSP, CISM, CISA.
- A university degree in Information or Technology Management or equivalent work experience.
- Demonstrable experience in implementing strategic plans and managing an information security program.
- Advanced understanding an experience in managing business processes and budgeting.
This role typically operates within a normal office environment with the requirement for some travel. Work may require extended and/or non-traditional work hours in order to deal with complex security situations.
Security Vison and Roadmap
Own the US Security Vision and Roadmap for the Application Security Domain, including technologies such as Fortify, Aqua container security, Veracode, SonarQube, Black Duck software composition analysis, Salesforce security, and Azure DevOps.
- Subject Matter Advisor on security practice and controls related to code security, security training, SDLC Integration, API security, Static and Dynamic Testing, Pen Testing, WAF, RASP, BOTs, and OWASP.
- Act as Information Security liaison between Application Development groups and Security.
- Reviews code and makes recommendations for security improvements.
- Understand the business model and ecosystem around Application Security products and services including audit controls, operations, business managed applications, and technical implementation.
- Collaborate with Enterprise Application Security Service Management to influence Enterprise roadmaps to address US Region needs and to identify where US Region will participate in Enterprise roadmap implementations.
- Maintain US Region Application Security Services Catalog.
Security Service Performed by the US
- The US Region Application Security Advisor will be accountable for some security services that are entirely supported by engineering resources within the US Region.
- Lead annual and quarterly planning events and participate in Team Sprint planning.
- Own and prioritize Service/Team Backlogs.
- Participate in team standups and help eliminate team blockers to getting work completed.
- Incorporate feedback from customers as input into quarterly and annual planning.
- Develop and report on Application Security metrics and KPIs.
- Identify security services that should be transitioned to the Enterprise and collaborate with the appropriate Enterprise Security Service owners to define service transition timeline, SLA’s, and associated effort.
- Ensure all necessary hardware, service contracts or maintenance contracts required to maintain the service are current and renewed as required.
- Ensure mutually agreed upon RACI exist with the Enterprise as well as monthly SLAs defined, captured and reported.
- Participate in any planning activities with Enterprise Security Services representing US interests.
- Collaborate with Enterprise Security Service Owners to ensure roadmaps are inclusive of US Region initiatives.
- Ensure Reg-W compliance for any services provided by the Enterprise.
- Follow Third Party Risk Management (TPRM) processes and best practice to manage and renew Third Party services contracts ahead of expiration.
Leadership and Cross-Functional Relationships
- Recruiting and hiring of Information Security professionals to support target operating model changes.
- Provides ongoing advice and direction on a variety of complex conceptual or interpretative issues.
- Establishing and leveraging peers relationships within the US Region and parent bank organizations.
- Will be required to foster relationships with middle to senior management, and senior executives across a range of functions including Risk Management and Technology.
Qualified candidates should send their resumes [email protected]
V-Soft Consulting is a trusted partner with experience across diverse technology stacks to help business get IT done. What makes V-Soft different? Our expertise is derived from over 20 years of delivering world-class IT staffing, consulting, engineering, and managed services to Fortune 1000 and mid-market companies in the U.S., Canada, and Asia.
V-Soft is headquartered in Louisville, KY with strategic locations in India, Canada, and across the U.S., including Madison, Chicago, Denver, Harrisburg, and Atlanta. V-Soft has been recognized among the top 100 fastest growing staffing companies in North America and is known for the ability to provide highly qualified consultants for any project at any scale. V-Soft has a wide variety of partnerships across diverse technology stacks, and holds such titles as MuleSoft Certified Delivery Resource, Oracle Gold Partner, ServiceNow Partner, Microsoft Partner, and Cisco Registered Partner, amongst many others.
For more information or to view all our open jobs, please visit www.vsoftconsulting.com or call (844) 425-8425.
