Information Security Engineer

Key Responsibilities

• Partner with various stake holder groups, including Product/Engineering, Legal, HR, and IT to

promote and build a culture of security and implement controls accordingly

• Work with Information Security and Information Technology teams to build & maintain controls to

manage varied risks including application, insider and cyber risks

• Monitor internal and external threat landscape to update strategy and intellectual protection

program roadmap

• Work with a global team to help implement and monitor security controls to proactively identify

insider risk issues and application security issues

• Partner with software development teams across Applied to incorporate and implement secure

SDLC concepts such as training, security requirements, threat modeling, code/design reviews, and

security testing

• Partner with software development teams to implement processes and tools to enable code

analysis, vulnerability assessment, open source license compliance

• Review and update policies and provide training as needed to internal & external audience

• Provide periodic reports to management team and key stakeholders

Qualifications

• Bachelor’s degree in Information Technology or related field

• 3-4 years of management experience in information security or related field and overall, 7-10

years of information security experience

• Prior experience in partnering with cross-functional teams to deliver impactful security initiatives

• Prior experience working on application security, product security, cyber security or managing

insider risk initiatives preferred

• Prior experience with threat modeling, security design reviews, and security architectural

concepts

• Any recognized security certifications, e.g., CISSP, CISA, CISM etc.

• Working experience in a global company is preferred

• Excellent analytical and critical thinking skills

• Ability to manage multiple projects with team members from various business units/functions

and countries

• Ability to work both independently and work within a team to analyze complex business problems

and recommend solutions

• Ability to travel periodically

• Expertise across common information security management frameworks, such as ISO/IEC 27001,

ITIL, COBIT, NIST, including 800-53 and Cybersecurity Framework is preferred

• Strong interpersonal, writing, and communication skills; ability to clearly articulate and visually

present complex advice to managers at all levels