Cincinnati Bell Lead Security in Cincinnati, Ohio

Lead Security

Lead Security

August 24, 2018

Security-Cincinnati

Are you looking to make significant strategic contributions and receiving the rewards and recognition that you deserve? CBTS is a recognized leader in global IT professional services that delivers the best talent, drives innovations, yields tangible savings and builds sustainable value.

CBTS is currently searching for a Lead Application Security Engineer that will be responsible for creating and managing the process, procedures and tooling of the application security program. This is a leadership, as well as hands-on, role requiring an application security professional who has a solid background in application development and coding experience, combined with an understanding of Information Security and Secure Coding / Secure Software Development principles. As the Application Security program is built, this role will be responsible for driving the build-out of standards and collaborating with the Business Units to implement those standards and tools.

Responsibilities and Duties:

  • Work in conjunction with the Architecture team to lead the development of the Application Security program for the Enterprise

  • Provide strong leadership and cross-functional / stakeholder communications

  • Work with the Architecture team to select and lead deployment of tools as necessary to expand the program. Integrate those into the SDLC for automation and assistance to developers.

  • Execute the scanning tools. Reviewing results and coordinating with the Application Development teams the tracking and remediation of findings.

  • Assist the Development teams with code reviews and integrating security into the multiple SDLC processes.

  • Work with the internal Cyber Threat Team on scheduling penetration tests of critical applications and work with those development teams on remediation of findings.

  • Work with architecture teams to build, execute, and track a roadmap of Application Security maturity

  • Build and maintain documentation related to the application security program including the development of, or updates to, new or currently established baselines for secure application development.

  • Build relationships with the key teams in the enterprise including: application development teams, project management organization, hosting, and information security

  • Escalate to senior leadership any major concerns with applications in the organization due to security risk. These can be detected through tools, manual or third party testing • Track metrics and the reporting of those metrics to help the organization understand the program success

  • Evaluate new security trends and technologies

  • Participate as necessary as a subject matter expert in the incident response program as well as other enterprise wide application programs.

  • Consulting with Business Unit Application Development teams on best practices • Other duties as assigned.

Qualifications and Skills:

  • Bachelor’s degree in related discipline with 5 or more years experience

  • Experience working within a Secure SDLC environment

  • Experience with application assessment tools (SAST and DAST)

  • Experience with application security tools (WAF, etc.)

  • Excellent communication skills and the ability to develop and leverage effective relationships with developers, business leaders, stakeholders, and externally

  • Strong collaboration, communication, problem solving, documentation, conceptual and analytical skills

  • Experience with service or program building including metrics and operations

  • Able to work at high level of autonomy in a dynamic environment

  • Experience with DevOps, Agile SDLC processes

  • Experience working in a complex, distributed enterprise environment

  • Ability to prioritize and manage work to critical project timelines in a fast-paced environment

  • Strong sense of personal accountability

  • Ability to learn and apply new technologies quickly and self-directed

Cincinnati Bell Technology Solutions provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, disability, genetic information, marital status, amnesty, or status as a protected veteran in accordance with applicable federal, state and local laws

EOE-Veterans/Disability