Senior Director of Application Security (Hybrid) Draper, Utah

The Senior Application Security Director (Remote) leads a team that works to provide engineering and product teams with the security expertise necessary to make secure application decisions.  The team manages our code vulnerabilities programs including red teaming, manual review, and static and dynamic code analysis.  This role will not only require leadership expertise to lead a team, but will also require hands-on application security expertise.

This role will be a fully remote position.

ESSENTIAL FUNCTIONS

  • Own and execute the vision for Application Security across the company
  • Accountable for the overall implementation of the Application Security Process
  • Serve as a Trusted Partner to educate Development Teams on Security Best Practices.
  • Drive the process for identifying security vulnerabilities and for designing and executing remediation plans involving the acquisition, design, test, integration, and implementation of advanced security tools
  • Develop security tools to find or fix security issues.  Use both automated and manual testing tools to find and validate vulnerabilities in our applications
  • Drive teams that execute programmatic scans, pen-testing, red/blue/purple teaming, offensive security testing, threat modeling and bug bounty programs
  • Assist development and operational teams in the appropriate application of security best practices and the use of advanced security technologies
  • Be internally recognized as highly competent in security areas; review and participate in benchmarking, installation, upgrade, configuration, deployment and testing activity
  • Investigate innovative approaches to improve software security
  • Working knowledge of Secure SDL
  • Knowledge of SAST and DAST
  • Review and consult on security risks of Mobile, Web, and Cloud stacks
  • Provide executive summary reports of assurance metrics to leadership with a comprehensive inventory of the attack surface, the state of testing and defensive coverage of surfaces, and real-time accounting of open risks within each application
  • Familiarity with industry changes in security standards, information governance, development standards, methods and emerging 3rd party security software in order to advise on security and leverage industry best practice in the design and construction of products
  • Familiarity with regulatory requirements, security certifications, and Security/Privacy Design concepts
  • Create a center of expertise and forum for common application security design and reuse
  • Participate in the definition and documentation of security standards and best practices

REQUIRED QUALIFICATIONS

  • Demonstrated technical expertise and understanding of modern development, languages, and cloud platforms
  • Minimum of five years' experience managing an SDL (Secure Software Development Life Cycle) that integrates security into all stages of the software development process for a large development organization
  • Bachelor's degree in computer science or related discipline, or equivalent work experience
  • Minimum of 10 years' experience in Information/Cyber Security field
  • Minimum of 10 years' experience as a lead engineer or engineering manager or enterprise Tech solutions architect

PREFERRED SKILLS & EXPERTISE

  • Master's degree in business or computer science is highly desired
  • CISM, CISSP, OSCP, CEH preferred
  • Demonstrated mastery of multiple security platform categories
  • Demonstrated knowledge of secure build and configuration standards in a highly regulated environment
  • Excellent communication and interpersonal skills, including a strong ability to create positive and professional business relationships with partner engineering and architecture teams across Tech
  • Strong commitment to working as a team and providing excellent customer service

WHAT WE OFFER 

  • Competitive Compensation; Eligible for STI + LTI 
  • Full Health Benefits; Medical/Dental/Vision/Life Insurance + Paid Parental Leave
  • Company Matched 401k
  • Paid Time Off + Paid Holidays + Paid Volunteer Time
  • Diversity Alliance Resource Groups
  • Employee Stock Purchase Program
  • Tuition Reimbursement
  • Charitable Gift Matching
  • Job Required Equipment & Services Will Be Provided

WHO WE ARE 

Progressive Leasing (NYSE: PRG) is the largest and longest-tenured virtual lease-to-own provider in the United States. The Company’s mission is to provide simple and affordable purchase options for credit-challenged consumers. Over the last 20+ years, Progressive Leasing’s alternative lease-purchase options have helped millions of customers with less than perfect credit acquire needed items with ease. Progressive partners with 30,000 retail stores, helping to drive increased revenue and improve customer satisfaction. Learn more at ProgLeasing.com.

Progressive Leasing welcomes and encourages diversity in the workplace. We do not discriminate in any aspect of employment on the basis of race, color, religion, national origin, ancestry, gender, sexual orientation, gender identity and/or expression, age, veteran status, disability, or any other characteristic protected by federal, state, or local employment discrimination laws where Progressive Leasing does business.
