Application Security Program Manager
As an Application Security Program Manager at Bullhorn, you will lead the Application Security Program on the Information Security team. You will work hand-in-hand with developers to implement and mature security tools, advise on best practices, and promote security initiatives. A successful candidate for this position will have excellent communication skills, a strong understanding of application security and risk, and the ability to lead cross-functional teams.
Why this job is important:
The person in this role will provide technical leadership in the architecture and implementation of application security. He or she will help Bullhorn proactively address security in application development with design recommendations, tool implementation, and risk assessments. The person in this role will empower developers to perform security checks on their applications using Shift Left principles.
As an Application Security Program Manager, a typical day might include:
Implementing static and dynamic application security testing tools in new applications
Interpreting the results of penetration tests and security scans to provide risk-based recommendations for remediation
Recommending best practices for security in application design and development
Consulting with development teams on security readiness for deployment
Coordinating penetration tests for SaaS applications
This job might be for you if you have:
3+ years of application security experience, preferably working with SaaS applications
Experience with application security penetration testing and performing baseline static/dynamic application security assessments (SAST/DAST) on new applications and changes to applications
Knowledge of a variety of programming languages such as Java, .NET, Python, PHP
Experience in enterprise application development and design, including REST APIs, database, messaging, and search technologies
Familiarity with the Software Development Lifecycle (SDLC) and associated tools (Git, Jenkins, Jira)
A deep understanding of common application vulnerabilities, including OWASP Top 10
Experience writing enterprise security standards, policies and coding guidelines
Bonus points for:
Experience securing Docker, Kubernetes, or other containerization technology
Knowledge of open source code security tools like Black Duck, Veracode SCA, or other software composition analysis technology
OSCP, GWAPT, GPEN, GXPN, CEH or other security certifications
Strong culture makes Bullhorn a great place to work! Our offices offer a casual, collaborative environment with weekly catered-in lunch and breakfast, and "First Thursday" social events. Bullhorn offers unlimited vacation, quarterly paid volunteer days through its philanthropic group Bullhorn Cares, and an open invitation to Bullhorn Allies groups, which celebrate and cultivate diversity and inclusion for all employees.
You might be a fit for Bullhorn if:
You are energetic and enjoy working in a fast-paced environment
You are confident and love sharing success with your team
You take ownership of your work and continuously strive for improvement