Director, Application Security at Plex Systems in Remote
Description Director, Application Security Want to work with fearless innovators, visionaries, and community-minded people who challenge the status quo? We do too. Plex is more than a software company -- we're a team of disruptors who are driving innovation and unlocking the promise and value of smart manufacturing. It isn't a trend or a moment, it's a movement. And we're leading it, but we can't lead it alone. That's where you come in. Plex Systems, Inc. delivers the first smart manufacturing platform, helping the world's leading innovators to make awesome products. Built in the cloud, the Plex Smart Manufacturing Platform includes MES, ERP, supply chain management, Industrial IoT, and analytics. We believe that anything that can be made can be made better, and we are focused on finding the right people to help us achieve the big important tasks ahead. Is that person you? In support of our ongoing growth, we are looking for an Application Security Director. Reporting directly to the Plex CSO, you will provide technical leadership for our Security Development Lifecycle by establishing clear direction, a dynamic security culture, and measurable goals to continually improve our application security strategy. In this hands-on role, you will oversee adoption of our SAST, drive risk-based timely remediation of gaps, ensure alignment to security NFRs, and audit for compliance to policy and external requirements. You'll approach application security with a pragmatic perspective of risk management and avoid purely academic thinking about software security. WHAT'S YOUR IMPACT? Own the complete adoption of our SAST in the CI/CD pipeline and risk quantification and management of DAST and other relevant code-scanning results Work with development teams to ensure NFRS are built into new products from the design phase Work with engineering teams to make architectural decisions Support incident response as needed Manage penetration testing services Manage and track remediation activities in Confluence Evangelize security best practices within the development teams and build security expertise across the organization Develop KPIs and drive continuous improvement Look for training opportunities to continue building a best-in-class product development group Manage regular vulnerability remediation reviews with the product development teams and present weekly status reports to Plex CSO IS IT IN YOU? A completed bachelor's degree in Computer Science, Software Engineering or related technical field is required 5
years of progressively more complex AppSec Strong leadership skills and effective management of highly technical individuals In-depth experience with common security tools such as Sonarqube, WhiteHat and JFrog, across SAST, DAST, IAST, and PenTest vendors Advanced knowledge of OWASP Top 10 and CWE/SANS Top 25 listings as well as practical, hands-on experience with the development, testing, and remediation of software security issues Familiarity with agile development processes and experience integrating secure development best practices into an agile model, Microsoft SDL experience a plus Software engineering experience with Microsoft and/or Java web applications, specific experience with ASP.NET, Angular, and Apache/Tomcat a plus Familiarity with industry standards and regulations including but not limited to ISO27001 and NIST CFS Strong personal ethics and understanding of ethics in Application and Information Security CISSP strongly desired WHAT'S IN IT FOR YOU? We are proud to be recognized as one of the top workplaces in the tech industry. Our inviting culture fosters collaboration, innovation, and motivates team members to take on important work, every day.
Salary Range:
$200K -- $250K
Minimum Qualification
Systems Architecture & Engineering, Technology ManagementEstimated Salary: $20 to $28 per hour based on qualifications.
years of progressively more complex AppSec Strong leadership skills and effective management of highly technical individuals In-depth experience with common security tools such as Sonarqube, WhiteHat and JFrog, across SAST, DAST, IAST, and PenTest vendors Advanced knowledge of OWASP Top 10 and CWE/SANS Top 25 listings as well as practical, hands-on experience with the development, testing, and remediation of software security issues Familiarity with agile development processes and experience integrating secure development best practices into an agile model, Microsoft SDL experience a plus Software engineering experience with Microsoft and/or Java web applications, specific experience with ASP.NET, Angular, and Apache/Tomcat a plus Familiarity with industry standards and regulations including but not limited to ISO27001 and NIST CFS Strong personal ethics and understanding of ethics in Application and Information Security CISSP strongly desired WHAT'S IN IT FOR YOU? We are proud to be recognized as one of the top workplaces in the tech industry. Our inviting culture fosters collaboration, innovation, and motivates team members to take on important work, every day.
Salary Range:
$200K -- $250K
Minimum Qualification
Systems Architecture & Engineering, Technology ManagementEstimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
