Application Security Lead Specialist

Huntsville, AL - USA

Monthly Salary: Not Disclosed

Posted on: 2 hours ago

Vacancies: 1 Vacancy

Job Summary

Job Title: Application Security Lead Specialist
Location: Huntsville Alabama
Experience: 12 Years
Employment Type: Contract
Interview Type: In-Person or Webcam

Job Description

We are seeking an experienced Application Security Lead Specialist with strong expertise in security architecture secure software development vulnerability management and risk mitigation for enterprise applications. The ideal candidate will lead application security practices collaborate with engineering teams and implement best-in-class security controls across the SDLC.

Key Responsibilities

Lead the application security program and define security standards policies and best practices.
Perform security architecture assessments threat modeling and design reviews for new and existing applications.
Conduct secure code reviews penetration testing vulnerability scanning and analysis of security findings.
Collaborate closely with development DevOps QA and product teams to integrate security into the SDLC.
Manage and prioritize remediation of vulnerabilities and guide engineering teams on mitigation strategies.
Drive implementation of security automation and tooling across CI/CD pipelines.
Evaluate and integrate third-party security technologies and frameworks.
Prepare security documentation risk assessments and executive-level reporting.
Train internal teams on secure coding practices and application security awareness.
Ensure compliance with security and regulatory requirements such as NIST ISO FedRAMP or similar frameworks.

Required Qualifications

12 years of IT experience with at least 7 years in Application Security.
Strong hands-on experience with security testing tools such as SAST DAST IAST SCA (examples: Veracode Checkmarx Fortify Burp Suite OWASP ZAP).
Deep knowledge of OWASP Top 10 secure SDLC threat modeling and secure architecture principles.
Experience with Cloud environments such as AWS Azure or GCP security controls.
Strong background in DevSecOps CI/CD pipelines and automation.
Proficiency with programming languages such as Python JavaScript or similar for code review.
Experience with API and microservices security.
Familiarity with regulatory standards and compliance frameworks.
Excellent communication and stakeholder management skills.
Preferred certifications: CISSP CSSLP CEH OSCP or GWAPT.

Job Title: Application Security Lead Specialist Location: Huntsville Alabama Experience: 12 Years Employment Type: Contract Interview Type: In-Person or Webcam Job Description We are seeking an experienced Application Security Lead Specialist with strong expertise in security architecture secure sof...

Job Title: Application Security Lead Specialist
Location: Huntsville Alabama
Experience: 12 Years
Employment Type: Contract
Interview Type: In-Person or Webcam

Job Description

Key Responsibilities

Lead the application security program and define security standards policies and best practices.
Perform security architecture assessments threat modeling and design reviews for new and existing applications.
Conduct secure code reviews penetration testing vulnerability scanning and analysis of security findings.
Collaborate closely with development DevOps QA and product teams to integrate security into the SDLC.
Manage and prioritize remediation of vulnerabilities and guide engineering teams on mitigation strategies.
Drive implementation of security automation and tooling across CI/CD pipelines.
Evaluate and integrate third-party security technologies and frameworks.
Prepare security documentation risk assessments and executive-level reporting.
Train internal teams on secure coding practices and application security awareness.
Ensure compliance with security and regulatory requirements such as NIST ISO FedRAMP or similar frameworks.

Required Qualifications

12 years of IT experience with at least 7 years in Application Security.
Strong hands-on experience with security testing tools such as SAST DAST IAST SCA (examples: Veracode Checkmarx Fortify Burp Suite OWASP ZAP).
Deep knowledge of OWASP Top 10 secure SDLC threat modeling and secure architecture principles.
Experience with Cloud environments such as AWS Azure or GCP security controls.
Strong background in DevSecOps CI/CD pipelines and automation.
Proficiency with programming languages such as Python JavaScript or similar for code review.
Experience with API and microservices security.
Familiarity with regulatory standards and compliance frameworks.
Excellent communication and stakeholder management skills.
Preferred certifications: CISSP CSSLP CEH OSCP or GWAPT.