Penetration Testing and Application Security Manager

Profile

Are you a IT Security Penetration Testing Manager who loves to lead and provide strategic direction? This could be an excellent job for you! As a Restoration and Remediation Lead, you will lead and perform professional services in a data breach consulting environment. You will provide oversight and assistance to our partners during remediation and restoration. This role requires one to actively participate in cyber security events by providing prompt support in response and remediation. You will create and deliver professional presentations to internal and external audiences. The ideal candidate can lead and manage others, by empowering the team, and be a problem solver! Collaborate with partners (Solution Management, Product Management, Engineering, Architecture) to understand the requirements, ensure successful security architecture design, support development and delivery of products. Understand the compliance requirements, define the roadmap to align with the standards and regulations. Collect all the application & infrastructure security risks in a centralized location and works with product teams to prioritize the developments. Raise any major risks through proper channels. Maintain the relationship with third-party vendors providing services to support assessments  Assess applications & infrastructure threat landscape. Run security assessment queue and conducting application security assessment such as Dynamic Analysis, Penetration Testing & Vulnerability Management Lead all aspects of reporting that will provide analytics and metrics to Cybersecurity leadership Demonstrate a high technical level of Web, Thick Client, Mobile, Web Services, API & infrastructure penetration testing and offer expertise for identifying security vulnerabilities, develop documentations, drive remediation and work with others to assist the education of secure software development lifecycle Acts as a mentor for application & infrastructure engineers on security concepts and provide remediation mentorship, assist in the development of application threat modeling and internal software security champion program, support governance and compliance audits related to PCI, HIPAA, Sox and other regulations. Help with security incident response when neededWe value this experience:7 years of demonstrated experience working in Application Security3 years of Application & Infrastructure Penetration Testing and vulnerability management experience.Direct supervision of a distributed team of 5 people across the globe.Domain Expertise in Application Security, Application Penetration Testing, and vulnerability management Designing and implementing security for online multi-tenant systems and on-premises enterprise products, Designing and implementing security within continuous delivery pipelines and robust test automation.Experience with applying security in DevOps (CI/CD, Release/deployment automation), public cloud (AWS, Azure, GCP), Container security technologies, cloud native technologies (Containers, Server less), microservices architecture etc.Good work ethic with the ability to efficiently multitask in a fast-paced environment, clear communication capability to translate cyber security threats from a technical perspective to business-line understanding and execution, A validated history of ability to manage a team and develop talent.Well-developed analytic, qualitative, and quantitative reasoning skills and proven creative problem-solving abilities with complementary skills for log analytics and diagnosis skills applying regular expression and/or scriptingSecurity certifications like CISSP, OSCP, CEH or equivalent strongly preferred are a plus. Submitted CVEs or appeared on a bug bounty hall of fameWe offer youAon provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, age, disability, veteran, marital, or domestic partner status. Aon is committed to a diverse workforce and is an affirmative action employer. Nothing in this job description restricts management's right to assign or reassign duties and responsibilities to this job at any time. #LI-HYBRID#LI-REMOTE#DICE-KH #LI-KH1    2511463,qualifications:UNAVAILABLE,responsibilities:Are you a IT Security Penetration Testing Manager who loves to lead and provide strategic direction? This could be an excellent job for you! As a Restoration and Remediation Lead, you will lead and perform professional services in a data breach consulting environment. You will provide oversight and assistance to our partners during remediation and restoration. This role requires one to actively participate in cyber security events by providing prompt support in response and remediation. You will create and deliver professional presentations to internal and external audiences. The ideal candidate can lead and manage others, by empowering the team, and be a problem solver! Collaborate with partners (Solution Management, Product Management, Engineering, Architecture) to understand the requirements, ensure successful security architecture design, support development and delivery of products. Understand the compliance requirements, define the roadmap to align with the standards and regulations. Collect all the application & infrastructure security risks in a centralized location and works with product teams to prioritize the developments. Raise any major risks through proper channels. Maintain the relationship with third-party vendors providing services to support assessments  Assess applications & infrastructure threat landscape. Run security assessment queue and conducting application security assessment such as Dynamic Analysis, Penetration Testing & Vulnerability Management Lead all aspects of reporting that will provide analytics and metrics to Cybersecurity leadership Demonstrate a high technical level of Web, Thick Client, Mobile, Web Services, API & infrastructure penetration testing and offer expertise for identifying security vulnerabilities, develop documentations, drive remediation and work with others to assist the education of secure software development lifecycle Acts as a mentor for application & infrastructure engineers on security concepts and provide remediation mentorship, assist in the development of application threat modeling and internal software security champion program, support governance and compliance audits related to PCI, HIPAA, Sox and other regulations. Help with security incident response when neededWe value this experience:7 years of demonstrated experience working in Application Security3 years of Application & Infrastructure Penetration Testing and vulnerability management experience.Direct supervision of a distributed team of 5 people across the globe.Domain Expertise in Application Security, Application Penetration Testing, and vulnerability management Designing and implementing security for online multi-tenant systems and on-premises enterprise products, Designing and implementing security within continuous delivery pipelines and robust test automation.Experience with applying security in DevOps (CI/CD, Release/deployment automation), public cloud (AWS, Azure, GCP), Container security technologies, cloud native technologies (Containers, Server less), microservices architecture etc.Good work ethic with the ability to efficiently multitask in a fast-paced environment, clear communication capability to translate cyber security threats from a technical perspective to business-line understanding and execution, A validated history of ability to manage a team and develop talent.Well-developed analytic, qualitative, and quantitative reasoning skills and proven creative problem-solving abilities with complementary skills for log analytics and diagnosis skills applying regular expression and/or scriptingSecurity certifications like CISSP, OSCP, CEH or equivalent strongly preferred are a plus. Submitted CVEs or appeared on a bug bounty hall of fameWe offer youAon provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, age, disability, veteran, marital, or domestic partner status. Aon is committed to a diverse workforce and is an affirmative action employer. Nothing in this job description restricts management's right to assign or reassign duties and responsibilities to this job at any time. #LI-HYBRID#LI-REMOTE#DICE-KH #LI-KH1   ,skills:UNAVAILABLE,workHours:UNAVAILABLE,jobBenefits:UNAVAILABLE,datePosted:2022-07-19T21:14:00 0000,employmentType:FULL_TIME,educationRequirements:UNAVAILABLE,salaryCurrency:USD,baseSalary:{@type:MonetaryAmount,currency:USD,value:{@type:QuantitativeValue,value:0,minValue:0,maxValue:0,unitText:YEAR}},validThrough:2023-07-19T21:16:38.000Z,industry:UNAVAILABLE,hiringOrganization:{@type:Organization,name:Aon Corporation,sameAs:https://jobs.aon.com,logo:https://assets.jibecdn.com/prod/aon/0.0.47/assets/brands/https://aon.icims.com/icims2/servlet/icims2?module=AppInert&action=download&id=1134557&hashed=154379},jobLocation:{@type:Place,address:{@type:PostalAddress,addressLocality:Virtual,addressRegion:Illinois,streetAddress:Virtual,postalCode:60601,addressCountry:United States}}}

Company info

Aon PLC.
Website : http://www.aon.com