The Senior Application Security Specialist will be responsible for running and growing the application security program at TAB. Reporting to the VP of Information Security they will work with the DevOps and Software Services teams to provide security assessments and minimize risks with data and application development.

Essential Duties and Responsibilities:

• Demonstrates ownership and initiative for growing and improving all aspects of the application security program
• Develop security strategies for the development process and work with teams to implement and operationalize the strategy
• Manage a Static Application Analysis Testing (SAST) as well as running dynamic scans on a periodic basis
• Lead vulnerability assessments and monitor multiple applications and services
• Scan and report on open-source packages and work with teams to update these packages
• Organize, run, and triage penetration tests, review reports and prioritize recommendations
• Implement a mobile testing platform as well as policy around mobile testing
• Advise developers of remediation options, using best practices, to address application vulnerabilities and reduce risk
• Validate system security requirements definition and analysis; establish system security designs; and implement security designs in hardware, software, data, and procedures
• Work with internal and external auditors to provide evidence of progress in the application security program
• Provide scripting and security validation for developer's security practices
• Contribute to security policies and standards
• Experience in policy, procedure, and standards in security best practices
• Knowledge of container, cloud, and data storage
• Act as a trainer and mentor to developers and other members of the security team
• Experience in DevOps and development processes in a SAFe Agile environment is a nice to have
• Other duties as assigned.

Requirements:

• One or more of CISSP, CSSLP, CEH, CPT, or OSCP - all professional certifications highly valued
• 4-7 years' experience preferred
• Bachelor's degree or equivalent in Computer Science, MIS, or related field
• Understanding and experience with NIST guidelines
• Strong interpersonal and communication skills, works well with multiple teams
• To exercise considerable latitude in determining technical objectives of assignment. Work is performed with minimal direction. Completed work is reviewed from a relatively long-term perspective for desired results
• Experience reviewing Java, Javascript, Groovy, and Python
• Working knowledge of OWASP best practices

TAB Bank Offers:

• Onsite Gym
• Tuition Reimbursement
• Paid Holidays
• Gym Reimbursement
• College Scholarships for Employees and Families
• 401(k)
• Paid Time Off (PTO)
• Employee Assistance Program (EAP)
• I Made the Grade
• Holiday Club Program
• Medical, Dental, Vision, Life and AD&D, Voluntary Disability, Flex Spending & Dependent Care

TAB Bank will not sponsor applicants for work visas.