Application Security Engineer III

We're looking for a full-time phenomenal Application Security Engineer III to architect and lead the implementation of the security-related aspects of our ITX platform. This will include evaluating and recommending new and emerging cloud security technologies and standards to ensure it is highly secure, resilient, and consistent with the Info Sec policies and compliance requirements. What You'll Do Lead, design, implement and maintain the Phenom Secure Architecture & Software Development program to support the best cybersecurity development practice, and ensure Phenom ITX Platform is highly secure, resilient and aligned with business and product development strategy. Identify appropriate cybersecurity controls and provide guidance to Senior Engineering and Product Management on defining and prioritizing its development on the Phenom ITX platform. Continuously review and identify security improvement opportunities in existing processes, services, and workflows to ensure Phenom platform is robust against current and future cybersecurity threats. Participate in architecture design reviews with senior engineering and product management staff to provide guidance on defining and incorporate effective threat modeling and security standards into product design Work on implementing the required fixes to remediate the vulnerabilities in collaboration with the engineering team as needed Support and manage cybersecurity process activities including security requirements definition, threat modelling, code reviews and cyber risk assessment. Design and develop processes, solutions and automation for security reviews and testing activities including those within the CI/CD pipelines. Evaluate application security tools to improve our detection and prevention capabilities Develops and maintains a "security by default" standard to be used in the development, infrastructure, or any other technology project Develops, maintains, owns, and regularly updates Phenom Secure Architecture, including technology stack, information flows, solutions and services Work with the Global InfoSec Team to develop strategies and plans to enforce security requirements and address identified risks and embed it as a requirement into the Phenom Secure Architecture. Collaborate with engineering/development teams to evolve SW assurance processes to address security risks, and help teams learn and adopt shift-security-to-left practices. Prepare and deliver training on Security Development Lifecycle to engineering/development teams Coach less experienced team members, provide training as required and demonstrate best practices through hands-on involvement in all cyber related activities. Drive continuous improvement activities to define, measure, visualize and improve key cyber security metrics.

Phenom People