Lead Applications Security Engineer

Lead Applications Security Engineer page is loaded

Lead Applications Security Engineer

Apply

locations

Remote - Tennessee

USA-CT Remote

USA-MO Remote

USA-OR Remote

USA-CO Remote

time type

Full time

posted on

Posted 19 Days Ago

job requisition id

R-155314

The

Opportunity:
Avantor’s Lead Application Security Engineer is responsible for the planning, design and implementation of application security architectures; oversees the implementation application security and ensures compliance with corporate cybersecurity policies and procedures. Assist in responding to inquiries about Avantor’s application security practices to customers and potential customers. Review, update, and develop Avantor’s security policies and standards to align with leading practices, compliance requirements, and regulatory requirements. Participate in application security related incident response activities during business hours. Configure web application firewall rules. Conduct code reviews to ensure remediation of vulnerabilities were implemented appropriately. Oversee the regular scanning of Avantor’s applications using various automated application security tools, covering Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Software Composition Analysis (SCA), etc.

What we're looking for

Education:

Bachelor’s degree in computer science, Information Security, or a related field, or equivalent real-world experience.
Industry certifications

such as Certified Information Systems Security Professional (CISSP), Certified Secure Software Lifecycle Professional (CSSLP), or equivalent certifications or trainings are a plus, but not required.
5+ years of experience in application security , with a proven track record of leading security assessments and projects.
5+ years in software development

or adjacent fields, with expertise in Java or PHP preferred.
In-depth knowledge and understanding of compliance standards such as CMMC, PCI DSS, HIPAA, or GDPR
In-depth knowledge of security standards such as ISO 270001, NIST CSF (CyberSecurity Framework), and/or NIST 800-171.
Extensive familiarity with OWASP SAMM v2
Familiarity with operational technology security concepts and practical experience in this domain.
Who you are

You can identify and mitigate complex security vulnerabilities in web, mobile applications, and/or embedded applications.
Knowledgeable of security leading practices, advanced authentication mechanisms, and encryption techniques.
Exceptional communicator with collaboration skills to effectively lead and collaborate with teams and present security findings to technical and non-technical stakeholders.
Works independently and as part of a team, with a proactive attitude toward problem-solving.
You have a passion for application security and a commitment to staying up-to-date with the latest industry trends.
How you will create an impact

Lead and conduct comprehensive security assessments of our software applications, identifying vulnerabilities and potential risks in alignment with industry standards like CMMC, PCI, HIPAA, and GDPR
Mentor and collaborate with development teams, guiding them to integrate security best practices throughout the secure software development lifecycle (SSDLC).
Utilize your extensive background in software development to identify and address security vulnerabilities effectively.
Design and implement advanced security controls, authentication mechanisms, and encryption techniques to protect sensitive data and ensure compliance with relevant regulations.
Create security requirements to go along with business requirements during the development lifecycle.
Guide the business in prioritization of security features that are requested by customers and improve protection of our customers and their data.
Stay informed about the evolving threat landscape, security trends, and compliance requirements to continually enhance our application security posture and guide the team accordingly.
Lead standardization of security features across application platforms.
Assist in driving initiatives to reduce technical debt that creates risk.
Collaborate cross-functionally to interpret and implement security measures in accordance with applicable data privacy laws and regulations.
Develop and design policies, processes, and procedures to provide guidance to software teams to help build our software more securely.
Mentor junior application security team members.
Lead initiatives to advance our OWASP SAMM v2 maturity level.
#LI-Remote

Disclaimer:
The above statements are intended to describe the general nature and level of work being performed by employees assigned to this classification. They are not intended to be construed as an exhaustive list of all responsibilities, duties and skills required of employees assigned to this position. Avantor is proud to be an equal opportunity employer.
Why Avantor?
Dare to go further in your career.

Join our global team of 14,000+ associates whose passion for discovery and determination to overcome challenges relentlessly advances life-changing science.

The work we do changes people's lives for the better.

It brings new patient treatments and therapies to market, giving a cancer survivor the chance to walk his daughter down the aisle. It enables medical devices that help a little boy hear his mom's voice for the first time. Outcomes such as these create unlimited opportunities for you to contribute your talents, learn new skills and grow your career at Avantor.

We are committed to helping you on this journey through our diverse, equitable and inclusive culture which includes learning experiences to support your career growth and success. At Avantor, dare to go further and see how the impact of your contributions set science in motion to create a better world.

Apply today!
Pay Transparency:
The expected pre-tax pay for this position is
$99,000.00 - $164,000.00

Actual pay may differ depending on relevant factors such as prior experience and geographic location.
EEO Statement:
We are an Equal

Employment/Affirmative

Action employer and VEVRAA Federal Contractor. We do not discriminate in hiring on the basis of sex, gender identity, sexual orientation, race, color, religious creed, national origin, physical or mental disability, protected Veteran status, or any other characteristic protected by federal, state/province, or local law.
If you need a reasonable accommodation for any part of the employment process, please contact us by email at

[email protected]

and let us know the nature of your request and your contact information. Requests for accommodation will be considered on a case-by-case basis. Please note that only inquiries concerning a request for reasonable accommodation will be responded to from this email address.
For more information about equal employment opportunity protections, please view the

Equal Employment Opportunity is THE LAW Poster

,

EEO is the Law Poster Supplement

, and

Pay Transparency Non-Discrimination Provision

.
3rd Party Non-Solicitation Policy:
By submitting candidates without having been formally assigned on and contracted for a specific job requisition by Avantor, or by failing to comply with the Avantor recruitment process, you forfeit any fee on the submitted candidates, regardless of your usual terms and conditions. Avantor works with a preferred supplier list and will take the initiative to engage with recruitment agencies based on its needs and will not be accepting any form of solicitation.

Avantor, a Fortune 500 company, is a leading global provider of mission-critical products and services to customers in the biopharma, healthcare, education & government, and advanced technologies & applied materials industries. Our portfolio is used in virtually every stage of the most important research, development and production activities in the industries we serve. One of our greatest strengths comes from having a global infrastructure that is strategically located to support the needs of our customers. Our global footprint enables us to serve more than 225,000 customer locations and gives us extensive access to research laboratories and scientists in more than 180 countries. We set science in motion to create a better world.

#J-18808-Ljbffr