Director, Application Security

Job Description

As the Director of Application Security, you will report directly to the Chief Information Security Officer (CISO) and will be responsible for leading, coaching, and mentoring a dynamic team of security professionals. You will oversee the processes and technologies that empower our global development teams to meet Anthology's stringent security standards, ensuring alignment with our clients' objectives. Your leadership will be pivotal in driving a culture of collaboration and security across the organization. You will build and nurture relationships with key leaders and stakeholders within our product and technology teams, advising them on security control requirements, posture, and best practices. You will take ownership of driving a shift-left mindset, ensuring that security is embedded early in the development lifecycle. The ideal candidate will be a proven leader with a track record in program management, a strong understanding of application security, and a deep expertise in integrating security practices and tools into product development processes. Your ability to inspire, guide, and elevate your team, while ensuring seamless collaboration with cross-functional teams, will be critical to the success of our security strategy. The Candidate: Required skills/qualifications: Strong leadership skills, including experience with project/program management, performance management, initiating and driving high-value process change and continuous improvement, and developing/mentoring teams Minimum of 7 years of prior relevant experience, with at least 2 years experience as a manager or director Experience operating security testing automation and continuous improvement processes with automated testing tools as integrated components of the SDLC to improve software quality across multiple information systems Working knowledge of common application security vulnerabilities, including those cataloged in the OWASP Top 10, SANS CWE Top 25, and implementing processes to prevent, detect, mitigate and remediate vulnerabilities as an ongoingprogram Ability to communicate security posture, risk, and mitigation strategies to technical and non-technical audiences, and act as an evangelist of security objectives to influence decision making at senior management levels in support of business risk management processes and compliance objectives Experience in software engineering and/or product architecture roles, with a working knowledge of application securityarchitectures Experience managing improvement projects and communicating project risk seffectively Demonstrated ability to communicate and collaborate effectively with stakeholders at multiple levels across the organization Fluency in written and spoken English Minimum of bachelors degree in Computer Science or a related field Preferred skills/qualifications: Experience integrating and scaling security testing automation and continuous improvement cycles into the software development process, creating a collaborative and efficient culture across development, security and operations teams Experience managing a security program in a global organization Experience managing technology vendor relationships as an extension of the team and execution of planned projects on schedule and onbudget Familiarity with compliance standards and control catalogs such as ISO 27000 series, NIST 800-53, PCI DSS