Location: Rockville, MD.
Major Purpose: The Application Security Risk Manager (ASRM) is a multi-faceted security role responsible for the identification, tracking, mitigation, remediation, and verification of security vulnerabilities in software, systems, and application services. The successful candidate will combine experience in information security, software development, IT operations, and project management with strong interpersonal skills to ensure that security risks are effectively identified and appropriately addressed.
Essential Job Functions:
Security Risk Management: Monitor the security risk of the organization’s application portfolio. Ensure that all identified security exposures are properly handled. This includes issue awareness, risk determination, status tracking, and risk acceptance processing where appropriate. Proactively engage with security, software development, and product management stakeholders to ensure timely resolution of all security exposures. The ideal candidate will possess a combination of technical expertise in software and IT systems along with strong interpersonal skills to enable the clear and persuasive communication of risks with technical and business stakeholders as well as the effective validation of remediated vulnerabilities.
Software and System Security Assessment: Oversee and actively support the security assessment of applications using tools and techniques such as source code analysis, web vulnerability scanning, and manual testing techniques.
Project Management/Coordination: Coordinate departmental and cross-functional processes and projects. Champion application security program interests. Drive effective scheduling, risk and issue management, and change management for these initiatives. Participate in development and engineering efforts that include enhancements to tools, processes, and technologies in support of security operations, process and productivity improvements.
Email: alex@targetlabs.net