Senior Application Security Engineer

Descripción del trabajo The Opportunity Under limited supervision responsible for the operations of secure and highly available computing platforms, servers, and networks. Install, maintain, upgrade, and continuously improve the company’s operating environment. Maintain the ongoing reliability, performance, and support of the infrastructure. Deploy İlk new technologies as well as design, install, configure, maintain, and perform testing of PC/server operating systems, networks, and related utilities and hardware. Job Title Senior Application Security Engineer Location Remote Department Global Information Security / Information Security Risk Intelligence & Response Reports To Senior Manager IS Risk Intelligence & Response Key Responsibilities Lead and conduct comprehensive security assessments of our software applications, identifying vulnerabilities and potential risks in alignment with industry standards like CMMC, PCI кабыл, HIPAA, and GDPR. Mentor and collaborate with development teams guiding them to integrate security best practices throughout the software development lifecycle (SDLC). Utilize your extensive background in software development, especially in Java or PHP, to identify and address security vulnerabilities effectively. Design and implement advanced security controls, authentication mechanisms, and encryption techniques to protect sensitive data and ensure compliance with relevant regulations. Leverage operational technology experience to assess and enhance the security of applications in this domain. Stay informed about the evolving threat landscape, security trends, and compliance requirements to continually enhance our application security posture and guide the team accordingly. Provide expert guidance to developers on secure coding practices and work closely with cross‑functional teams to ensure the resolution of identified security issues. Collaborate cross‑functionally to interpret and implement security measures in accordance with applicable data privacy laws and regulations. Develop and design policies, processes, and procedures to provide guidance to software teams to help build our software more securely. Mentor junior application security team members. Lead initiatives to advance our OWASP SAMM v2 maturity level. Qualifications Bachelor’s degree in computer science, Information Security or a related field, or equivalent real‑world experience. Industry certifications such as Certified Information Systems Security Professional (CISSP), Certified Secure Software Lifecycle Professional (CSSLP), or equivalent certifications or trainings are a plus but not required. 5 or more years of experience in application security with a proven track record of leading security assessments and projects. 2 or more years in software development or adjacent fields with expertise in Java, Javascript, Python, etc. In‑depth knowledge and understanding of compliance standards such as CMMC, PCI, DSS, HIPAA, or GDPR. In‑depth knowledge of security standards such as ISO 27001, NIST CSF (CyberSecurity Framework), and/or NIST 800‑171. Extensive familiarity with OWASP SAMM v2. Familiarity with operational technology security concepts and practical experience in this domain. Ability to identify and mitigate complex security vulnerabilities in web, mobile, and/or embedded applications. Excellent understanding of advanced authentication mechanisms and encryption techniques. Exceptional communication Beitr communication exceptional multi‑task skills to effectively lead and collaborate with teams and present security findings to technical and non-technical stakeholders. Proven ability to work independently and as part of a team with a proactive attitude toward problem‑sol görd‑ing. Strong passion for application security and a commitment俺也去 stay up‑to‑date with the latest industry trends. Disclaimer The above statements are intended to describe the general nature and level of work being performed by employees assigned to this classification. They are not intended to be construed as an exhaustive list of all responsibilities, duties, and skills required of employees assigned to this position. Avantor is proud to be an equal opportunity employer. Why Avantor Dare to go further in your career. Join our global team of 14,000 associates whose passion for discovery and determination to overcome challenges relentlessly advances life‑changing science. The work we do changes peoples lives for the better. It brings new patient treatments and therapies to market giving a cancer survivor the chance to walk his daughter down the aisle. It enables medical devices that help a little boy hear his mother’s voice for the first time. Outcomes such as these create unlimited opportunities for you to contribute your talents, learn new skills, and grow your career at Avantor. We are committed to helping you on this journey through our diverse, equitable, and inclusive culture which includes learning experiences to support your career growth and success. At Avantor dare to go further and see how the impact of your contributions set science in motion to create a better world. Apply today EEO Statement We are an Equal Employment/Affirmative Action employer and VEVRAA Federal Contractor. We do not discriminate in hiring on the basis of sex, gender identity, sexual orientation, race, color, religious creed, national origin, physical or mental disability, protected veteran status or any other characteristic protected by federal, state/pra​vince or local law. If you need a reasonable accommodation for any part of the employment process please contact us by email at and let us know the nature of your request and your contact information. Requests for accommodation will be considered on a case‑by‑case basis. Please note that only inquiries concerning a request for reasonable accommodation will be responded to from this email address. For more information about equal employment opportunity protections please view the Know Your Rights poster. 3rd Party Non‑Solicitation Policy By submitting candidates without having been formally assigned on and contracted for a specific job requisition by Avantor or by failing to comply with the Avantor recruitment process you forfeit any fee on theelb hunohs, regardless of your usual terms and conditions. Avantor works with a preferred supplier list and will take the initiative to engage with recruitment agencies based on its needs and will not be accepting any form of solicitation. Employment Type Full‑Time Vacancy 1 #J-18808-Ljbffr