Application Defense Manager in 75013 at Vaco

Date Posted: 5/7/2018

Job Description

Application Defense Manager

DETAILS

Location: Allen, TX

Position Type: Direct-Hire

Hourly / Salary: to $140K + up to 15% bonus structure

JOB SUMMARY

Vaco Technology is currently seeking an Application Defense Manager for a Direct-Hire opportunity located in Allen, TX. The Application Defense Manager will lead teams responsible for conducting internal / external penetration testing and automated web application security testing. The Application Defense Manager will evolve the delivery model for the application penetration testing services, including roles and responsibilities, remediation plans, and rollout of best practices, etc.

  • Hire / Manage / Develop Application Penetration Testers - Provide Direction / Establish Clear and Measurable Objectives / Managing Performance / Train and Coach Teams, etc.
  • Develop / Maintain KPIs for Project Resource Requirements / Forecasting Subcontractor Usage, etc.
  • Knowledge Management of Findings to Determine Severity of Findings / Identify Potential Remediation or Mitigation Strategies, etc.
  • Monitor / Report Progress / Problems / Solutions Effectively
  • Communicate with Management / Business Sponsors - Project Statuses / Issues as they Relate to Testing
  • Communicate with all Project Stakeholders - Presentations to Senior Management / Create Agendas / Track Meeting Minutes, etc.
  • Create / Support KPIs - Measure Risk Reduction / Progress Over Time, etc.
  • Build / Develop High-Performance Teams
  • Develop / Mentor Staff to Achieve Career Goals / Maintain Leadership Succession Planning, etc.

JOB REQUIREMENTS

  • Application Penetration Testing Management / Lead (4+ years)
  • Hands-On (Current / Previous) Application Penetration Testing (8+ years)
  • Penetration Testing Tools (Hands-On) - Kali Linux / Burp Suite / Nessus / Metasploit, etc.
  • Knowledge of Existing / Emerging Threats / Web Security Principles / Attack Vectors, etc.
  • Create Detailed Penetration Testing Reports / Recommendations for Remediation Options, etc.
  • IT Security Management Technologies / Methods / Standards / Processes - Compliance / Legal / Internal and External Audit and Regulatory Requirements, etc.
  • Open Source Security Testing Methodology Manual (OSSTMM) / Open Web Application Security Project (OWASP) / National Institute of Standards and Technology (NIST) Special Publications
  • Collaborate / Facilitate / Coordinate Business Units for the Mitigation of Risks
  • Understand Application Design / DevOps / TCP/IP Fundamentals / Network Protocols / Systems Administration / Network Architectures
  • Exposure to Large Implementations of Vulnerability Management Programs - Application Security / Metrics Development / Reporting, etc.
  • Previous Programming Experience (with at least 1 of the following) - Perl / Ruby / Bash / C / C++ / C# / Java
  • Web Framework Knowledge - Spring / Struts / Hibernate / ASP / JSP / APIs, etc.
  • APIs Understanding (JSON / REST / SOAP) - Technical Writing / Assessment Reports / Presentations / Operational Procedures, etc.

PREFERRED (not required)

  • IT Security Management Frameworks (Knowledge) - ISO 27001 and 27002 / ITIL / COBIT / NIST, etc.
  • Professional security management certification, such as a CISSP, CISM, CEH, OSCP/E, GWAPT, GPEN, or GXPN certification(s) or other similar credentials, is desired

Job Requirements

Penetration Testing, Vulnerability Testing, Lead, OSSTMM, OWASP, REST, SOAP, C#, Java