Manage and develop the application security program by developing the program, working with peers and stakeholders to adopt the program(s) and grow and manage the team as needed
Develop and implement a Threat Modeling program that drives a Secure by Design SDLC process while working to train and educate stakeholders
Identify, document, rate, and communicate vulnerabilities in terms of Confidentiality, Integrity and Availability
Undertake static and dynamic application security assessments for Ventura Foods Entities
Assess applications for vulnerabilities using manual and automated methods, threat modeling, code reviews, SAST/DAST/Open-Source tool scans, penetration testing
Develop, curate, and improve application security detections (static and dynamic) to identify vulnerabilities at scale
Facilitate conversations between developers and security teams to further the security of Ventura Foods software
Mentor and train developers on secure code best practice

Requirements

8 years of work experience with a Bachelor’s Degree or at least 2 years of work experience with an Advanced degree (e.g. Masters, MBA, JD, MD)
3+ years of relevant application security experience
Deep understanding of OWASP Top 10 and CWE 25; with experience in implementing remediation strategies
Deep knowledge and experience in using SAST, DAST and Open-Source Vulnerability Scanning tools
Hands-On experience with any programming language (React, C#, JavaScript, Java, Go, Python, etc)
Well versed in web application design, penetration testing, application risk assessment and risk categorization
Well versed with driving and implementing DevSecOps practices in to develop ability to successfully integrate security into a developer's world
Ability to effectively present and communicate security threats and risks to ANY audience and impress upon them the mitigation techniques and strategies
Solid problem solving and analytical skills; able to quickly digest any issue/problem encountered and recommend an appropriate solution

Benefits

Medical, Prescription, Dental, & Vision – coverage beginning on your 1st day for eligible employees
Profit Sharing and 401(k) matching (after eligible criteria is met)
Paid Vacation, Sick Time, and Holidays
Employee Appreciation Events
Employee Assistance Programs

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

application securityThreat ModelingSecure by Design SDLCvulnerability assessmentstatic application security testing (SAST)dynamic application security testing (DAST)penetration testingsecure codingOWASP Top 10CWE 25

Soft Skills

mentoringcommunicationproblem solvinganalytical skillsteam managementstakeholder engagementtrainingfacilitationpresentation skillscollaboration