Easter Seals Jobs

Job Information

Citizens Senior Application Security Engineer in Remote, United States

Description

In this role, you will be part of a smart and collaborative team working to identify, interpret, and help drive vulnerability remediation in enterprise applications and will be responsible for participating in the coordination and presentation of application vulnerability reviews to development, risk, audit, and business teams.

This role is technical and will require you to be proficient in the use of state-of-the-art application vulnerability scanning tools and support critical efforts within the environment to improve the application security profile of the organization.

You must possess a passion for finding and fixing application vulnerabilities, think analytically and have the ability to learn fast to hit the ground running with whatever task or event may be thrown at you.

Responsibilities (but will not be limited to):

  • Hands-on use of automated tools and manual testing techniques to identify flaws, weaknesses, vulnerabilities and attack vectors in web applications (SAST, DAST, & IAST).

  • Automating application security solutions across the enterprise.

  • Driving innovative thinking and ideas to enable continuous improvement across Attack Surface Management.

  • Monitoring and responding to Open Source Software weaknesses and exposures.

  • Reviewing and coordinating changes to cyber security policies, procedures, and standards.

  • Self-auditing our application security program in an effort to instill continuous improvement.

  • Guiding development teams in best practices across all stages of the SDLC process.

  • Evangelizing and driving Application Security inside the company.

  • Building a very close working relationship with application development and QA teams.

  • Developing and updating security patterns aligned with security requirements.

  • Creating, producing and maintaining metrics associated with the application security program.

  • Specific Experience with Snyk, Semgrep, or any ASPM Platforms preferred.

Required Skills and Experience:

  • Knowledge and understanding of the OWASP top 10.

  • 3 or more years of strong applicable security or development experience.

  • Hands-on experience operating in Agile/DevSecOps-oriented environments.

  • Experience implementing and supporting application security tools in automated build pipelines.

  • Ability to present complex, technical information to a variety of audiences, both technical and non-technical, in written and/or oral formats.

  • Demonstrable experience with application security testing techniques such as white/black box code analysis, fuzzing, penetration testing and code scanning. Experience with automated static (SAST) and dynamic (DAST) tools is a plus.

  • Manual security testing and analysis of web applications, APIs, and mobile applications.

  • Skilled in at least one major scripting or programming language (Python, PowerShell, JavaScript, Go, Java, C/C++).

  • Recall level of knowledge of SDLC principles.

  • Strong presentation and communication skills (written and oral).

  • Threat modeling and/or participation in secure design or architecture reviews is a plus.

  • Application development background is a plus.

  • Good time management skills and the ability to commit and adhere to time-sensitive deliverables.

  • Experience with Jira and ServiceNow for service delivery is preferred.

Preferred Education and Certifications:

  • Bachelor’s degree preferred.

  • Security related certifications such as OSCP, OSWE, CSSLP, GWAPT, GWEB, CEH preferred.

Hours & Work Schedule

Hours per Week: 40

Work Schedule: Monday through Friday, 8:30am – 5:00pm

Pay Transparency:

The salary range for this position is $100,000 - $125,000 per year, plus an opportunity to earn an annual discretionary bonus. Actual pay is based on various factors including but not limited to the work location, and relevant skills and experience.

We offer competitive pay, comprehensive medical, dental and vision coverage, retirement benefits, maternity/paternity leave, flexible work arrangements, education reimbursement, wellness programs and more. Note, Citizens’ paid time off policy exceeds the mandatory, paid sick or paid time-away policy of every local and state jurisdiction in the United States. For an overview of our benefits, visit https://jobs.citizensbank.com/benefits.


Some job boards have started using jobseeker-reported data to estimate salary ranges for roles. If you apply and qualify for this role, a recruiter will discuss accurate pay guidance.

Equal Employment Opportunity

At Citizens we value diversity, equity and inclusion, and treat everyone with respect and professionalism. Employment decisions are based solely on experience, performance, and ability. Citizens, its parent, subsidiaries, and related companies (Citizens) provide equal employment and advancement opportunities to all colleagues and applicants for employment without regard to age, ancestry, color, citizenship, physical or mental disability, perceived disability or history or record of a disability, ethnicity, gender, gender identity or expression (including transgender individuals who are transitioning, have transitioned, or are perceived to be transitioning to the gender with which they identify), genetic information, genetic characteristic, marital or domestic partner status, victim of domestic violence, family status/parenthood, medical condition, military or veteran status, national origin, pregnancy/childbirth/lactation, colleague’s or a dependent’s reproductive health decision making, race, religion, sex, sexual orientation, or any other category protected by federal, state and/or local laws.

Equal Employment and Opportunity Employer

Citizens is a brand name of Citizens Bank, N.A. and each of its respective affiliates.

Why Work for Us

At Citizens, you'll find a customer-centric culture built around helping our customers and giving back to our local communities. When you join our team, you are part of a supportive and collaborative workforce, with access to training and tools to accelerate your potential and maximize your career growth.

Background Check

Any offer of employment is conditioned upon the candidate successfully passing a background check, which may include initial credit, motor vehicle record, public record, prior employment verification, and criminal background checks. Results of the background check are individually reviewed based upon legal requirements imposed by our regulators and with consideration of the nature and gravity of the background history and the job offered. Any offer of employment will include further information.

10/04/2024
