The Application Security Manager is responsible for ensuring all MSG applications and software meets our security standards, while also allowing MSG to provide best in class services and products to our customers (both internal and external). This position will be critical in bridging the gap between MSG’s customer facing programs and marketing tools and its security philosophy, to prevent any potential securitythreats or events from affecting MSG’s operating business.
- Act as a Security Evangelist, who can translate security concepts into business language. Liase between MSG Technology’s security team and our business users who are interacting with our clients through applications, software, communication, payment options, etc.
- Ensures that MSG Technology Developers, Engineers and QA personnel are trained with the appropriate level of security knowledge to perform their daily activities.
- Supports the Incident Response Manager and other members of the Security team in reviewing processes whenever application security expertise is needed.
- Deploying, improving and supporting application security tool deployments and development standardsincluding static analysis and runtime testing tools.
- Manage BB program (phase 3)
- Manage static and dynamic code analysis
- Manage third party assessments
- Work closely with MSG Technology staff (first line support) to ensure organization is properly prepared for securitythreats and potential incidents/events.
- Develop training and communication plan to ensure organization is aware of incident management process and proper protocol.
- Stay abreast of the latest information security controls, practices, techniques and capabilities in the marketplace; lead internal skills development activities for information security personnel on the topic of security monitoring and incident response, by providing mentoring and by conducting knowledge sharing sessions
- Five to seven years of experience and advanced knowledge of IT Security concepts, security assessments, associated security software tools and industry standards.
- Have application security testing experience
- Able to work with a variety of technologies to ensure they meet our security standards
- Ability to influence decision‐making processes at all levels of a large organization
- Must be able to explain vulnerabilities and weaknesses to many audiences, and discuss effective defensive
- Experience with NIST CSF
- Highly collaborative individual
- Risk based decision maker
- Goal focused employment
- Metric and report focus
- Advanced knowledge of programming languages, database design, infrastructure and related technologies.
Candidates who have completed 60 credits of college-level coursework (representing 2 years), or have shown similar self-development through certifications, trade school coursework, etc. are preferred.