Job Description

You will evaluate, design, maintain and monitor application security systems and procedures to safeguard the company’s information systems, networks and databases and ensure compliance with security standards.

Essential Functions:
1. Establish and publish KPIs to demonstrate ongoing compliance with application security policy and the success of individual initiatives
2. Provide consultation to business and development partners on secure coding
3. Apply established and ad hoc processes and techniques to identify, validate, prioritize, and track security risks
4. Identify uncontrolled risks and recommend control improvements
5. Identify security requirement deficiencies proactively; identify and implement appropriate action to resolve security discrepancies
6. Design security control systems to address requirements
7. Operate and monitor established security controls
8. Ensure that controls are operating effectively; resolve operating discrepancies
9. Review, triage, and prioritize control output
10. Identify, evaluate, and recommend new security technologies, techniques, and tools
11. Define, review, and promote information security policies, standards, guidelines, and procedures
12. Perform application security reviews and penetration testing; work with development organization and enforce the application security review process
13. Communicate security weaknesses, exploits, and vulnerabilities to the business and technical teams using both technical and non-technical terms that business understands
14. Model behaviors that support the company’s common purpose; ensure guests and team members are supported at the highest level
15. Ensure all activities are in compliance with rules, regulations, policies, and procedures
16. Complete other duties as assigned

Qualifications
- Bachelor’s degree in computer science, information systems or related field, or equivalent experience required
- Minimum three years’ experience in information and application security required
- Experience leading key aspects of combined application and network penetration, AppSec, wireless security, and vulnerability management
- GPEN, OSCP, GXPN, SMFE, GWAPT, GAWN ISSP, CEH, GSEC, or CISM certification is preferred Specialized Knowledge
- Solid knowledge of security attack methodologies, tools, and processes
- Experience with penetration tools such as Kali, Burp Suite, Qualys Guard, Cenzic, Metasploit, OWASP ZED, sqlmap, nosqlmap, WPScan, Nessus, NMAP, etc.
- Familiarity with Cloud technology
- AWS platform and services, and Google Big Query/GCE/GCS, etc.
- Versed in two or more programming and scripting languages such as HTML5, Java, Python, Ruby, Perl, Bash, PowerShell Competencies
- Strong written and verbal communication skills
- Demonstrated ability to develop effective working relationships
- Strong organizational skills
- Ability to handle competing priorities and plan accordingly
- Ability to maintain focus and rapidly develop new skill proficiency
- Ability to work in a fast-paced environment
- Ability to work under pressure with limited supervision, both individually and with a team 
- Results-focused and a strong problem solver
- Desire to research and master new concepts, technologies, and solutions toward ongoing tasks and deliverables
- Travel Travel required less than 5% 


5508 Lonas Rd
Knoxville
TN

Application Instructions

Please click on the link below to apply for this position. A new window will open and direct you to apply at our corporate careers page. We look forward to hearing from you!

Apply Online