Senior Application Security Engineer responsible for ensuring secure development practices at Ventura Foods. Collaborating with engineering teams to enhance application security through various assessments.
Responsibilities
Manage and develop the application security program, working with peers and stakeholders to adopt the program(s), and grow and manage the team as needed
Develop and implement a Threat Modeling program that drives a Secure by Design SDLC process while working to train and educate stakeholders
Identify, document, rate, and communicate vulnerabilities in terms of Confidentiality, Integrity and Availability
Undertake static and dynamic application security assessments for Ventura Foods Entities
Assess applications for vulnerabilities using manual and automated methods, threat modeling, code reviews, SAST/DAST/Open-Source tool scans, penetration testing
Develop, curate, and improve application security detections (static and dynamic) to identify vulnerabilities at scale
Facilitate conversations between developers and security teams to further the security of Ventura Foods software
Mentor and train developers on secure coding best practices
Requirements
8 years of work experience with a Bachelor’s Degree or at least 2 years of work experience with an Advanced degree (e.g. Masters, MBA, JD, MD)
3+ years of relevant application security experience
Deep understanding of the OWASP Top 10 and CWE Top 25, with experience in implementing remediation strategies
Deep knowledge and experience in using SAST, DAST and Open-Source Vulnerability Scanning tools
Hands-on experience with any programming language (React, C#, JavaScript, Java, Go, Python, etc.)
Well versed in web application design, penetration testing, application risk assessment and risk categorization
Well versed in driving and implementing DevSecOps practices, with the ability to successfully integrate security into a developer's world
Ability to effectively present and communicate security threats and risks to ANY audience and impress upon them the mitigation techniques and strategies
Solid problem solving and analytical skills; able to quickly digest any issue/problem encountered and recommend an appropriate solution
Benefits
Medical, Prescription, Dental, & Vision – coverage beginning on your 1st day for eligible employees
Profit Sharing and 401(k) matching (after eligibility criteria are met)
Information Security Intern assisting with components of Benjamin Moore's information security program. Responsibilities include documentation, compliance monitoring, and forensic analysis.
Specialist in Information Security at Lojas Renner responsible for monitoring and addressing security incidents. Collaborating with various teams on data protection strategies and leadership preparation.
Cybersecurity Specialist at Caixa Vida e Previdência ensuring safety in various technology solutions. Collaborating with teams to implement security measures and respond to incidents.
Occupational Safety Technician at Cia do Treinamento responsible for training clients on safety regulations and conducting safety assessments. Seeking professionals passionate about safety and compliance across Brazil.
Physical Security Engineer participating in large-scale projects at Stantec. Analyzing needs, designing security systems, and preparing technical documentation.
System Security Engineer strengthening cybersecurity posture across on-premise and hybrid environments. Focused on Windows infrastructure security, identity management, and compliance.
Security Testing Lead overseeing application security testing activities at Computer World Services. Ensuring continuous identification and remediation of application security risks through dynamic testing methods.
IS Security Administrator managing all aspects of cyber security and data protection at Avita Health System. Responsible for risk assessments and IT security strategies across various platforms.
Senior Security Engineer strengthening security at fintech startup Flanks, focusing on security initiatives and practices across applications and infrastructure.