CaryRecruiter Since 2001
the smart solution for Cary jobs

Software Engineering Director- Application Security

Company: Met Life
Location: Cary
Posted on: September 15, 2019

Job Description:

Job Location: Cary, NCRole Value Proposition:The Director of Application Security Governance plays a key role in creating, maintaining, and enhancing application security practices as well as activating and facilitating IT Risk and Security policy and controls throughout the US Application Development organization. Acts as an interface between the organizations lead by the Chief Information Security Officer (CISO) and Chief Information Officer (CIO). This role helps to balance the risk and policy-based requirements set by the CISO with the business-lead activities and programs set by the CIO. In this capacity, the Director of Application Security Governance must be able to drive objectives that enhance security controls and standards while balancing business priorities and constraints. Central to the US CIO team -and covering all the Lines of Businesses in the US- this role is responsible for the formation of plans that improve application security and for the tracking and reporting of metrics related to security compliance. This includes working with Application Security Champions and Application Security on identification, prioritization, and resolution of application vulnerabilities and flaws. Key Responsibilities:

The Director of Application Security Governance supports the implementation of application security practices, provides regular status reports to senior management, and facilitates the governance and resolution of application vulnerabilities in the US portfolio. Work with Application Development managers and Security Champions to create application security plans and roadmaps that follow IT Risk and Security policies and standards, as well as supporting them in understanding and responding to internal audit reviews, legal and regulatory compliance efforts and addressing any identified findings. Ensures that security measures are incorporated into strategic application plans and that Application Development and IT Risk and Security expectations and activities are well balanced and properly defined.Assist in prioritizing remediation of vulnerability flaws based on the risk profile of the applications, the criticality of the vulnerability, and provide guidance as needed using the Application Security Champions.Work with the CISO to develop security projects and activities that address identified risks and business security requirements as well as incorporate a perspective of the implication of these activities and projects in the application environment and the US business.Develop, track and report on relevant application risk and security metrics to drive prioritization and accountability of security flaw remediation as well as security performance.Accountable for the organization adoption of processes and tools to identify security flaws and for establishing practices to increase application security levels. Be the liaison between Application Development, Application Security Champion Lead, Internal Audit, and IT Risk Functions. Coordinate operational activity including risk assessments, plan for closure of risk findings, disaster recovery compliance, and associated line of business reporting. Participate in secure assessments of US applications and IT infrastructure as part of the overall risk management practice of the organization. Manage list of in scope applications and their timeline and compliance with vulnerability testing.Provide relevant stakeholder communication including policy changes, risk awareness and security training as well as creation of a strategy to support adoption of the new IT risk tools, processes or organizational changes.Work with Security Champions to enhance the DevSecOps model by advocating for and ensuring the communication and existence of secure coding practices and standards. People manager of a small team.Candidate Qualifications:Required
Bachelor s degree in computer science, information systems or related field, or equivalent work experience. 7+ years of related IT experience with 5 years in an information security role & at least 2 years in a supervisory role. This role requires an individual with both a strategic and IT risk background. Experience with threat modeling methods & data analysisFamiliar with frameworks such as COBIT, ISO 27001/2, NIST Cybersecurity.Strong leadership skills and ability to work effectively with a multi-disciplinary set of stakeholders across different levels and with minimal supervision. Strong understanding of the business impact of security tools, processes and policies as well as high proficiency in how to assess application risk and business impact, identify control and vulnerability assessments and define treatment strategies. Familiar with tools like Archer, Veracode, and Primeon.Team player; able to work collaboratively and effectively with and through others at all levels in an organization; proven ability to influence others and move toward a common vision or goal.Excellent problem-solving and analytical skills, ability to root out cause and think strategically and critically to develop solutions to complex problems. Resilient and tenacious with a propensity to persevere.Organized with a natural inclination for planning and attention to detail and accuracy; mindset of continuous improvement. Preferred:
MBA or MS in information security is preferredBuilding/maintaining application roadmapsProfessional Certifications: CISA, CISM, CSSLP, CISSP applied to software development lifecyclesOpen Pages GRCExperience with compliance requirements for HIPAA, PCI, SOX, and NYDFSBusiness CategoryRegional Application DevelopmentNumber of Openings1At MetLife, we re leading the global transformation of an industry we ve long defined. United in purpose, diverse in perspective, we re dedicated to making a difference in the lives of our customers.MetLife is a proud equal opportunity/affirmative action employer committed to attracting, retaining, and maximizing the performance of a diverse and inclusive workforce. It is MetLife's policy to ensure equal employment opportunity without discrimination or harassment based on race, color, religion, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity or expression, age, disability, national origin, marital or domestic/civil partnership status, genetic information, citizenship status, uniformed service member or veteran status, or any other characteristic protected by law.MetLife maintains a drug-free workplace.For immediate consideration, click the Apply Now button. You will be directed to complete an on-line profile. Upon completion, you will receive an automated confirmation email verifying you have successfully applied to the job.Requisition #: 110410 Associated topics: c#, chief technology officer, etl, information technology infrastructure library, java, life cycle, oracle, software development, sw, unix

Keywords: Met Life, Cary , Software Engineering Director- Application Security, Executive , Cary, North Carolina

Click here to apply!

Didn't find what you're looking for? Search again!

I'm looking for
in category

Other Executive Jobs

General Manager, Residence Inn, Durham
Description: This 112 all-suites extended stay hotel, is located near Duke University and Medical Center, NC Central University and the Durham Performing Arts Center DPAC . Downtown Durham has so much to offer in (more...)
Company: Residence Inn Durham McPherson Duke
Location: Durham
Posted on: 09/16/2019

Chief Operating Officer - North Carolina - Raleigh
Description: Responsible for the overall operations of the health plan, including strategic direction, administration for all existing programs and the development of new programs to ensure goals and objectives are (more...)
Company: Wellcare Health Plans
Location: Raleigh
Posted on: 09/15/2019

Lean Manager/Last Planner Coach
Description: ResponsibilitiesBrasfield Gorrie, a recognized leader in the construction industry, has exciting opportunities available for a Lean Managers accross the company. br br The Lean Manager will encourage (more...)
Company: Brasfield & Gorrie
Location: Raleigh
Posted on: 09/15/2019

Chief Operating Officer
Description: COO - CHIEF OPERATING OFFICERLocation:--Raleigh, North Carolina----Mary Square is a consumer products company specializing in gift, apparel and jewelry products imported into the US and sold into diverse (more...)
Company: Mary Square, LLC
Location: Raleigh
Posted on: 09/16/2019

Project Manager
Description: RESPONSIBILITIES:Kforce has a client in search of a Project Manager in Raleigh, NC. br br Project: br br br ul br li Moving from scrum masters playing dual roles within the teams to dedicated (more...)
Company: Kforce
Location: Raleigh
Posted on: 09/15/2019

Lead Data Manager
Description: Company DescriptionWe're over 1,700 strong across the globe. We're scientists, strategists, creatives, and innovators. We value individual brilliance and build a strong foundation for Teamwork across (more...)
Company: PSI CRO
Location: Durham
Posted on: 09/15/2019

General Manager - Courtyard Greensboro - (19080361)
Description: Here's To Your Journey with Courtyard With more than 330 managed locations in more than 20 countries Courtyard by Marriott offers a refreshing environment that helps guests stay connected and balanced. (more...)
Company: Marriott International, Inc.
Location: High Point
Posted on: 09/16/2019

Medical Device - Billing Manager - Durham
Description: -My client is expanding and looking to hire a Billing Manager to oversee a group of 30 remote and on-site employees.-- The ideal candidate will take on the following
Company: Job Juncture
Location: Durham
Posted on: 09/16/2019

Food Operations Manager 2
Description: Unit Description Sodexo Campus Services is seeking a Food Operations Manager 2 to oversee the food service dining programs at North Carolina Central University located in Durham, NC North Carolina Central (more...)
Company: Sodexo
Location: Durham
Posted on: 09/15/2019

Unit Supply Specialist - Warehouse Manager (92Y)
Description: 92Y Unit Supply Specialist - Warehouse ManagerJob ID: Job Views: 57Location: DANVILLE, Virginia, United StatesZIP Code: 24540Job Category: Supply and LogisticsPosted: 09.04.2019Age Requirements: Must (more...)
Company: Army National Guard
Location: Danville
Posted on: 09/16/2019

Log In or Create An Account

Get the latest North Carolina jobs by following @recnetNC on Twitter!

Cary RSS job feeds