Our mission is to unlock human potential. We welcome you for who you are, the background you bring, and we embrace individuals who get excited about learning. Bring your experiences, your perspectives, and your passion; it’s in our differences that we empower the way the world learns.
In this role, you will devise and implement security solutions to protect applications and services from potential threats. You will play a key role in designing, implementing, and maintaining the Application Security program, which is essential for Wiley’s Zero Trust journey. This program ensures that every application is secure and resilient against vulnerabilities before being deployed.
How you will make an impact:
- Conduct application security assessments, encompassing static application security testing (SAST), dynamic application security testing (DAST), code reviews, penetration testing, and security architecture evaluations.
- Collaborate with development teams to integrate security into the software development lifecycle (SDLC).
- Performing threat modeling, design reviews, and secure code reviews on applications and systems
- Provide detailed explanations of common attack vectors such as SQL injection, Cross-Site Scripting (XSS), and Cross-Site Request Forgery (CSRF) to both developers and management.
- Investigate and keep track of new threats and vulnerabilities, stay informed about current industry and technology trends and opportunities, and evaluate their effects on applications and the business.
- Work closely with Development and DevOps engineers to assess and implement security tools within development environments.
- Utilize the OWASP Software Assurance Maturity Model (SAMM) to assess, formulate, and implement a comprehensive software security strategy within the Software Development Lifecycle (SDLC).
- Develop documentation for application security metrics, policies, procedures, standards, guidelines, and training
- Assist with Wiley’s Security Champions program by providing application security expertise to developers and SREs.
- Stay up-to-date with the latest security trends, tools, and technologies.
- Provide security training and awareness to development teams.
- Minimum of 2-4 years of experience in increasingly complex, security-related roles
- Strong ability to effectively communicate with colleagues at all levels in the organization, including explaining complex issues and information in simple and actionable ways.
- Expertise in core application security principles
- A strong understand of common software development process
- Strong leadership and strategic thinking skills.
- Experience working with a highly technical and skilled team
- Preferred experience working with SAST, IAST, DAST, RASP and other common application security solutions.
- Continuous Learning: Stays up to date with the information security management trends, threats, and technologies.
- Certifications: Seeks to obtain relevant certifications to grow skills and knowledge.
- Hands-on Experience: Desires gaining practical experience through lab environments, Proof of Concept or real-world scenarios.
- Networking: Joins communities, attends conferences, and engages with peers for knowledge exchange.
- Mentorship: Seeks mentorship from experienced professionals while also providing mentorship to other Security team members.
Generating Apply Link...
