CBS Corporation is a mass media company that creates and distributes industry-leading content across a variety of platforms to audiences around the world. The Company has businesses with origins that date back to the dawn of the broadcasting age as well as new ventures that operate on the leading edge of media. CBS owns the most-watched television network in the U.S. and one of the world’s largest libraries of entertainment content, making its brand — "the Eye" — one of the most-recognized in business. The Company’s operations span virtually every field of media and entertainment, including cable, publishing, local TV, film, and interactive and socially responsible media. CBS’ businesses include CBS Television Network, The CW (a joint venture between CBS Corporation and Warner Bros. Entertainment), Network 10, CBS Television Studios, CBS StudiosInternational, CBS Television Distribution, CBS Consumer Products, CBS Home Entertainment, CBS Interactive, CBS Films, Showtime Networks, CBS Sports Network, Pop (a joint venture between CBS Corporation and Lionsgate), Smithsonian Networks, Simon & Schuster, CBS Television Stations, CBS EcoMedia, and CBS Experiences.
The primary responsibility of the Director, Application Security is to handle all the phases of management geared toward ensuring that the highest level of service is provided by the Application Security Team. The Director, Application Security will act as a key technical resource capable of handling many aspects of web, mobile and cloud application security testing. This individual will play an active role within the CBS Information Security Group dedicated to assuring information confidentiality, integrity, availability, and leading the development of a long-term Application and Cloud Security Strategy.
The Director will be a hands-on technical leader - she/he will lead the application security team that develops and supports application security services
Responsible for team of resources:
o For employee resources: determines workload, delegates assignments, promotes career development, and evaluates performance, skill growth, competency growth, performance goals.
Responsilbe for the management of DAST and SAST Applicaions security tasks across all divisions
Manages vendor risk assessments and review of third party penetration testing
Manages Applicaion SecurityVendor relationships
Directs the integration of secure development standards, tools, and processes into the SDLC
Directs the strategic development and implementation of a advanced threat modeling framework
Produces relevant application security metrics that demonstrate a continually improving AppSec posture
3-5 years' experience supervising and leading application security professionals
Proven experience maturing an application security program including identifying, hiring and growing strong talent
Solid, well-rounded understanding of InfoSec practices and programs
Demonstrated ability to explain risks and vulnerabilities to both technical and non-technical audiences
Experience performing application and networksecurity testing.
Strong mentorship and coaching skills, both for existing application security engineers and developing new talent pipelines inside and outside the company.
Broad technical working knowledge of application security concepts, including offensive techniques, vulnerability classes, defensive techniques, and securityarchitecture
Equal Opportunity Employer Minorities/Women/Veterans/Disabled