Crescent Solutions is committed to helping you as an esteemed IT Professional find the next right step in your career. We match professionals like you to rewarding consulting or direct hire opportunities in your area of expertise. During the initial discussion, we hope to learn more specifics about your background and skill set to determine what job opportunities will be most interesting to you. Our keep it simple approach is only part of what sets us apart from other firms in the challenging job market today. We partner with the most innovative and well-known organizations in the industry providing you exceptional career opportunities. We are currently seeking IT professionals who are searching for technology jobs for the following opportunity Director of Application Security Responsibilities Build out the organizationrsquos application security fundamental strategy and develop realistic roadmaps and priorities Partner with DevOps to design and build scalable and automated security toolsets, processes, and infrastructure as part of a continuous integration and continuous delivery (CICD) pipeline Collaborate with engineering, product, and cross-functional teams to help them prioritize real-world security issues while balancing the goals of the business Evaluate and select new technologies, tools, and vendors to help manage the continual improvement of application security practices and platforms Execute your vision and help decide what security issues the organization should prioritize Be hands-on and able to deep-dive technical security findings while you mature the program to track from identification and help the engineers get to remediation Scale security efforts by influencing and empowering engineering teams with the right guidance, patterns, and training Expand and lead AppSecrsquos scope to include data protection, privacy, third party risk, and general risk reduction Act as a trusted consultative partner for all security strategies including zero trust, automation, and policy Your work will encompass and affect all security initiatives including DevOps, Zero Trust, automation, privacy, and more. Qualification 7+ years relevant application or product security experience with technical hands on AppSec skills and a deep understanding of various AppSec strategies and their trade offs Deep experience with one or more AppSec tools such as SAST, DAST, or IAST Experience with modern software development practices In-depth knowledge and experience of CICD best practices Knowledge of OWASP top-10 but also a deep understanding of web application and mobile app vulnerabilities and how those translate to real life Web application security, API hardening, secure data storagetransmissionprocessingprinciples, container security, DevSecOps, security automation Offensive security skills, application testing, penetration testing, reverse engineering Expertise in application security but also breadth of knowledge across multiple Information Security domains and depth in a few Cloud infrastructure operations and architecture Identity management and authentication protocols Data protection schemes, data privacy best-practices, information risk management Common application technologies including Github, CircleCI, Netlify, MongoDB, ExpressReactNode.js,Docker, Azure, Terraform Development experience with at least one modern language such as JavaScript, Python, Ruby, etc