Application Security Lead

OneAmericaIT & Cybersecurity 6-8 Years

Job Description

The Application Security Lead will be responsible for leadership and execution of the OneAmerica application security efforts across OneAmerica. The role is accountable for developing the strategic direction, implementation of application security processes, and interfacing with all stakeholders including developers, Information Security, Architecture, and IT Leadership. This position reports to Director of Application Engineer, is dotted line to the CISO.

Responsibilities include:
•Develop, implement, execute, and monitor an application security program to ensure the integrity, confidentiality and availability of applications and the information contained therein
•Develop application security standards for web, mobile, and microservices
•Socialize and ensure adoption of such standards within various application development teams
•Partner with our developer team and others to set the course for secure development practices for years to come
•Incorporate security throughout the entire software development lifecycle
•Perform static and dynamic application security testing
•Identify vulnerabilities, including in 3rd party components
•Ensure timely remediation of vulnerabilities and other security issues
•Liaise among enterprise applications and IT security groups

Required Qualifications:
•Bachelor’s degree in computer science or a related business discipline and/or equivalent combination of education and experience
•5 or more years of total experience with 2 or more years of experience in security engineering or application development
•Ability to work across teams and prioritize efforts
•Experience developing, implementing, and optimizing secure solution development lifecycle process
•Experience with application security tools such as IBM Appscan, Burp Suite, OWASP ZAP, CheckMarx, Veracode, Metasploit, etc.
•Experience with programming languages like Java, Python, NodeJS, .NET, VB6, and COBOL
•Experience with frameworks such as Docker / AWS / React / React Native
•Experience working with Continuous Integration tools like Jenkins, Git-based version control, Nexus, and Gradle/Maven scripting
•Innovative with a strong desire to learn and stay updated with respect to new technologies and security vulnerabilities / attacks

Preferred Qualifications:
•Masters or other related advanced degrees
•CSSLP or GWEB Certifications
•Experience in building automation to detect and fix code security issues
•Prior experience in the financial services environment

Note: This position requires 5% - 10% travel

To learn more about our products, services, and the companies of OneAmerica, visit

Disclaimer: OneAmerica is an equal opportunity employer and strictly prohibits unlawful discrimination based upon an individual’s race, color, religion, gender, sexual orientation, gender identity/expression, national origin/ancestry, age, mental/physical disability, medical condition, marital status, veteran status, or any other characteristic protected by law.

Posted On

October 14, 2020