Application Security Director

Draper, UT

The Application Security Director leads a team that works to provide engineering and product teams with the security expertise necessary to make secure application decisions.  The team manages our code vulnerabilities programs including red teaming, manual review, and static and dynamic code analysis.  This role will not only require leadership expertise to lead a team, but will also require hands-on application security expertise.

What You'll Do:

  • Own and execute the vision for Application Security across the company
  • Accountable for the overall implementation of the Application Security Process
  • Serve as a Trusted Partner to educate Development Teams on Security Best Practices
  • Drive the process for identifying security vulnerabilities and for designing and executing remediation plans involving the acquisition, design, test, integration, and implementation of advanced security tools
  • Develop security tools to find or fix security issues.  Use both automated and manual testing tools to find and validate vulnerabilities in our applications
  • Drive teams that execute programmatic scans, pen-testing, red/blue/purple teaming, offensive security testing, threat modeling and bug bounty programs
  • Assist development and operational teams in the appropriate application of security best practices and the use of advanced security technologies
  • Be internally recognized as highly competent in security areas; review and participate in benchmarking, installation, upgrade, configuration, deployment and testing activity
  • Investigate innovative approaches to improve software security
  • Working knowledge of Secure SDL
  • Knowledge of SAST and DAST
  • Review and consult on security risks of Mobile, Web, and Cloud stacks
  • Provide executive summary reports of assurance metrics to leadership with a comprehensive inventory of the attack surface, the state of testing and defensive coverage of surfaces, and real-time accounting of open risks within each application  
  • Familiarity with industry changes in security standards, information governance, development standards, methods and emerging 3rd party security software in order to advise on security and leverage industry best practice in the design and construction of products
  • Familiarity with regulatory requirements, security certifications, and Security/Privacy Design concepts
  • Create a center of expertise and forum for common application security design and reuse
  • Participate in the definition and documentation of security standards and best practices

Minimum Experience & Qualifications:

  • Demonstrated technical expertise and understanding of modern development, languages, and cloud platforms
  • Minimum of five years' experience managing an SDL (Secure Software Development Life Cycle) that integrates security into all stages of the software development process for a large development organization
  • Bachelor's degree in computer science or related discipline, or equivalent work experience
  • Minimum of 10 years' experience in Information/Cyber Security field
  • Minimum of 10 years' experience as a lead engineer or engineering manager or enterprise Tech solutions architect
  • Master's degree in business or computer science is highly desired
  • CISM, CISSP, OSCP, CEH preferred
  • Demonstrated mastery of multiple security platform categories
  • Demonstrated knowledge of secure build and configuration standards in a highly regulated environment
  • Excellent communication and interpersonal skills, including a strong ability to create positive and professional business relationships with partner engineering and architecture teams across Tech
  • Strong commitment to working as a team and providing excellent customer service

Compensation, Perks & Benefits:

  • Competitive Compensation with Bonus Potential
  • Full Health Benefits - Medical/Dental/Vision
  • 401k, Paid Time Off and Tuition Reimbursement
  • Full Service Gym, Game and Lounge Area, Basketball Court
  • Free Healthy Snacks and Refreshments
  • Subsidized Public Transit
  • Fun and Relaxed Work Environment

WHO IS PROGRESSIVE LEASING?

Prog Leasing, LLC, a wholly-owned subsidiary of Aaron’s, Inc (NYSE: AAN), is the largest and longest-tenured virtual lease-to-own provider in the United States. The company’s mission is to provide simple and affordable purchase options for credit-challenged consumers. Over the last 19+ years, Progressive Leasing’s fair and transparent NO CREDIT NEEDED lease-to-own option has helped millions of customers and their families, even if they have less-than-perfect credit or an inability to pay for their purchase upfront. Progressive has also helped more than 27,000 retail stores drive increased revenue and improve customer satisfaction. Learn more at http://www.progleasing.com.

Progressive Leasing does not discriminate in any aspect of employment on the basis of race, color, religion, national origin, ancestry, gender, sexual orientation, gender identity and/or expression, age, veteran status, disability, or any other characteristic protected by federal, state, or local employment discrimination laws where Progressive Leasing does business.