Manager, Offensive and Application Security (Remote)
Trinity Health · Livonia, MI · 5 days ago
Information Technology$123k–$203k/yrFull-time
About the role
This role manages and develops the Offensive and Application Security Team. The leader oversees a team that communicates findings and strategy to client stakeholders, provides constructive suggestions for improving security posture, and measures the effectiveness of security operations.
Responsibilities
- Develops and performs penetration testing or adversary simulation engagements.
- Oversees a team that communicates findings and strategy to client stakeholders including technical staff, executive leadership, and legal counsel.
- Provides constructive suggestions for improving security posture and controls, hone defensive capabilities, and measure the effectiveness of security operations.
- Maintains an effective and efficient approach to information security that is balanced and consistent with the mission, values, and operating goals of Trinity Health.
- Performs security reviews of application designs, covering all types of applications (web application, web services, mobile applications, thick client applications, SaaS).
- Identifies and clearly articulates findings to senior management and clients.
- Participates in security assessments of networks, systems and applications.
- Coaches members of the Red Team, guiding them in offensive security tactics and strategies.
- Led the secure code review program to ensure adherence to security best practices and policies.
- Manages the overall performance of the team in terms of effectiveness, efficiency, productivity, and quality.
- Schedules resources to execute and support the threat intel domain through Red Team operational procedures (communication and tracking).
- Coordinates activities that may impact other IT supported areas.
- Develops and maintains detailed documentation relative to application penetration testing (APT) and dynamic application security testing.
- Conducts DAST, static application security testing (SAST), and source composition analysis (SCA).
- Directly manages, mentors and supports the Application Security function in conducting secure code reviews, vulnerability assessments, and ensuring compliance with security best practices.
- Evaluates and reports on application security metrics and performance, aligning with Trinity Health's strategic objectives and operational goals.
- Facilitates the departmental initiatives to achieve business and organizational goals, vision and objectives.
- Supports planning, communicating, coordinating, and performing manual penetration testing and security assessments at application, system and enterprise level.
- Identifies and drives process improvement within Red Team program.
- Pairs with business groups/clients to design processes & scope of penetration testing & security assessment methodologies.
- Pairs with the delivery team to identify and drive delivery of opportunities to automate, improve efficiency, reduce the number of steps to perform the function while ensuring quality.
- Acts as a liaison between business and technical employees to translate requirements/needs in both directions.
- Works closely with the incident and threat hunting teams, and various lines of business to mitigate risk.
Requirements
- Bachelor of Science in Information Technology – Cyber Security, or an equivalent combination of education and experience.
- Five (5) to seven (7) years of progressive experience with comprehensive knowledge of hardware, software, application, and systems engineering in multiple IT disciplines (network, web applications, server hardware and software, vulnerabilities, and risk - assessment and management) with a focus in the following information security disciplines.
- Five (5) to seven (7) years of information security experience.
- Three (3) to five (5) years of penetration testing, red teaming, ethical hacking, application security, or similar management experience.
- Strong understanding of threat actors and the TTPs used by known threat actors.
- Comprehensive knowledge of information security practices (technical, operational, and administrative) in Network penetration testing and manipulation of network infrastructure.
- Experience in performing external and internal penetration tests using security testing tools, such as BurpSuite, Mimikatz, Metasploit, Nessus, HP Web Inspect, or other tools.
- Applying an understanding of the principles of information security engineering, architecture, and application security.
- Experience leading pen testing security teams focused on enterprise, web, and mobile applications.
- Document and explain technical details in a concise, understandable manner to business owners.
- Experience with networking components (routers, switches, load balancers, wireless access points, etc.).
- Intrusion Detection analysis and prevention, Data Loss Prevention, Windows / Linux / Mac OSX Operating systems.
- Comprehensive knowledge of client/server relationships and multi-tier environments, load balancers / Web Application Firewalls, Active Directory, DHCP, DNS, PKI.
- Networking technologies: routers, switches, firewalls.
- Understanding of web-based application vulnerabilities (OWASP) network security and popular attacks vectors.
- Knowledge of Windows, Linux, Unix, any other major operating systems, and deep understanding of TCP/IP network protocols.
- Familiarity with the latest exploits, tactics, techniques and procedures (TTP), vulnerability remediation and security trends in Cloud implementations.
- Knowledge and skills of monitoring of security vulnerabilities, threats, exposures, associated risk, and mitigating solutions.
- Knowledge and understanding of web services, SOA (Services Oriented Architecture), micro-services, and API biased architectures.
- Experience in using automated code tooling related to building or deploying code to operational environments.
- Exposure and/or experience with various security testing techniques such as manual code reviews, dynamic application security testing (DAST), static application security testing (SAST), source composition analysis (SCA), and penetration testing.
- Understanding of software development life cycle, coding standards, and software security principles.
- Familiarity with reading and using a variety of programming languages and frameworks.
- Experience with software development/deployment methodologies including Agile, Continuous Integration/Continuous Deployment (CI/CD), and DevSecOps.
Qualifications
- Desired Security certifications: GWAPT (GIAC Web Application Penetration Tester), CSSIP (Certified Information Systems Security Professional), GCIH (GIAC Certified Incident Handler), CEH (Certified Ethical Hacker), which may also substitute an equivalent combination of education and experience.
- Strong knowledge of HIPAA, ISO 27001/2, FISMA, FIPS, OWASP and NIST security.
- Must be team oriented, supportive, and committed to excellence and possess high level of initiative and self-motivation with demonstrated work ethic.
- Ability to manage multiple priorities and to effectively adapt to rapidly changing technology and business needs with demonstrated ability to prioritize projects and workload.
Skills
- Team-oriented
- Supportive
- Commitment to excellence
- High level of initiative and self-motivation
- Adaptability to rapidly changing technology and business needs
Benefits
Actual compensation will fall within the range but may vary based on factors such as experience, qualifications, education, location, licensure, certification requirements, and comparisons to colleagues in similar roles.
Pay
Pay grade 17 range $122,855.2166-202,711.1074
Schedule
N/A