Spectrum

Principal Security Engineer I - Application Security

Spectrum, Greenwood Village, Colorado, United States


This posting has been extended beyond the initial anticipated closing date.

JOB SCOPE

This position will be responsible for running, maturing and growing the Charter / Spectrum Application Security Scanning program. Actively identifies, evaluates and implements industry-leading application security tools and techniques. Maintains and updates application security processes and procedures, mentors other engineering members of the team and validates scan results for accuracy and completeness.

DUTIES AND RESPONSIBILITIES

- Responsible for evolving, expanding and operating the Spectrum Application Security activities in the Vulnerability Management team.
- Demonstrate application security scanning subject matter expertise across system, application, container, and cloud workloads (AWS preferred).
- Provide executive-level communication of Vulnerability Management information with system owners, executive stakeholders and security management.
- Develop and publish KPIs that monitor the efficacy of the Vulnerability Management activities.
- Be able to analyze the results of application scans, understand the results, eliminate false positives, and advise coding best practices.
- Develop best practices for detecting and remediating secrets including API keys and other credentials.
- Maintain effective processes and procedures for Static and Dynamic code analysis (SAST/DAST), Software Bill of Materials (SBOM), and Software Composition Analysis (SCA).
- Thorough understanding of Web application security concepts, principles and guidelines, such as OWASP.
- Work collaboratively with all levels of the business.
- Adhere to industry-specific local, state, and federal regulations, as applicable.

BASIC / MINIMUM QUALIFICATIONS

- Bachelor's Degree in Computer Science, Information Security or related field and/or related work experience
- Minimum of Eight (8) years of IT/Network Engineering experience
- Minimum of Eight (8) years of Cyber Security experience

ADDITIONAL JOB QUALIFICATIONS

- Experience with scanning tools such as: Qualys, Tenable, Rapid7, Veracode, Prisma Cloud, etc.
- Previous experience in a Security Operations team

PREFERRED QUALIFICATIONS

- CISSP certification or other relevant security certifications

WORKING CONDITIONS

- Office Environment
- Minimal Travel Required
