Cybersecurity Practice Lead – AppSec
Coveros employees share a passion for Application Security and DevOps and look to add a like-minded, hands-on Technical Manager to our growing team.
Joining Coveros with expertise in Application Security, you will lead our Cybersecurity practice and drive solutions that leverage best-of-breed methods in agile, DevOps, and cybersecurity. This role provides an individual who wishes to remain hands-on with technology an additional opportunity to lead a team of consultants to coach, train, and implement DevSecOps practices and culture across a variety of clients.
You enjoy a range of approaches to conducting threat and vulnerability assessments. Leveraging network, API and web application security penetration testing, and social engineering, you will analyze risks, vulnerabilities, and exploits of mission-critical applications. Your expertise in using code analysis to identify defects in source code and to attempt to exploit vulnerabilities positions you as a Subject Matter Expert capable of coaching and mentoring junior team members to deliver high-quality work in support of the Cybersecurity practice.
By creating and delivering technical training, presenting internal knowledge sharing topics, and authoring blogs, you actively contribute to organizational Thought Leadership. For an individual who looks to perform as the technical Security SME on Agile/DevSecOps software development projects, you won’t be disappointed in the multitude of opportunities to grow professionally as a Coveros Practice Lead.
- BS/MS in CS, Software Engineering, or an equivalent technical degree
- Demonstrated problem-solving, analytical, and technical troubleshooting skills
- 10+ years of software development or scripting experience
- 7+ years of professional services consulting experience
- 6+ years of experience in Linux and UNIX administration
- 6+ years of performing advanced-level penetration testing
- 6+ years of performing automated and manual Web security reviews
- 4+ years of experience leading small technical teams in an operational setting to include assigning or overseeing tasks and providing technical support
- Familiarity with security testing tools, like OWASP ZAP, IBM AppScan, Fortify, Checkmarx, Contrast, Metasploit, Burp Suite, Core Impact
- Knowledge of databases including but not limited to Oracle and SQL
- Experience leading threat modeling on applications and systems
- Demonstrated professional experience with Agile methodologies and software development
- Ability to support internal and external customers on multiple platforms
- Proven ability to write clear and concise documentation
- Experience with Threat Modeling and preventing common vulnerabilities and hacks
- Excellent written and verbal communication skills
- Ethical hacking certification(s)
- Technical Knowledge
  - Apply expertise in network operating systems, OSI model, network port, and protocol and service work to assess networks, operating systems, applications and services for vulnerabilities and exploits
  - Perform hands-on application security penetration testing and help design and improve the security testing artifacts and process: Create security testing plans and test cases
  - Analyze security configurations and implementation to determine if they ensure resiliency and protect customer data
- Project Leadership
  - Make recommendations for appropriate remediation and post-remediation risk evaluation
  - Lead and train a growing practice of cybersecurity professionals
  - Actively coach and mentor team members in delivering high-quality work in support of the Cybersecurity practice
  - Actively develop skills and capabilities of those more junior
Coveros is an equal opportunity employer, dedicated to a policy of non-discrimination in employment on any basis including age, sex, color, race, creed, national origin, religion, marital status, sexual orientation, political belief, or disability.