Application Defense Manager

Information Technology & Systems
Requisition # 182828

The Experian Global Application Security team is responsible for protecting personally identifiable information assets against cyber threats for customers in more than 80 countries and across Experian's business units, which include 17,000+ employees across more than 40 countries. Experian Global Application Security involves supporting its customers with the optimal combination of people, processes and technologies to provide situational awareness through the detection, containment, and remediation of technology threats across the enterprise.

Experian is seeking a motivated, career- and customer-oriented leader to join our team in Allen, Texas. This is a growing team, with senior leadership's support and visibility. This role is involved in projects or issues of high complexity that require an individual who can quickly think on their feet, challenge the status quo, and rapidly move from ideation to delivery.
 
This position will report to the Director, Head of Application Security.

Primary Responsibilities

  • Lead a team responsible for conducting internal and external penetration testing and automated web application security testing.
  • Evolve the delivery model for the Application penetration testing service, including roles and responsibilities, remediation plans, rollout of best practices, etc.
  • Hire, manage, and develop staff of application penetration testers by providing direction, establishing clear and measurable objectives, managing performance, training and coaching.
  • Develop and maintain KPIs to help project resource requirements, and forecast sub-contractor usage. 
  • Ensure effective knowledge management of findings and review results of penetration testing in order to determine severity of findings and identify potential remediation or mitigation strategies.
  • Monitors and reports progress, problems and solutions in a timely manner. Follows through to ensure dollars and time estimates are realized within planned limits.
  • Effectively communicates to management and business sponsors the status of projects and issues as they relate to the testing process.
  • Provides clear, consistent, regular communication with all project stakeholders at all levels, including presentations to senior management, creating agendas and meeting minutes.
  • In-depth research of the latest adversarial tactics, techniques and procedures (TTPs) and technologies to remain at the bleeding edge.
  • Create and support KPIs and KRIs that measure risk reduction and progress over time.
  • Builds a high-performance team.
  • Develops and mentors staff to achieve career goals and maintain leadership succession planning.
 
Qualifications
EDUCATION/EXPERIENCE
  • Bachelor’s degree in related field (Business, Information Services, IT, Information Security, etc.); Master’s preferred.
  • 10 years of hands-on application penetration testing experience with at least 4 years in managing and leading a team of penetration testers.
  • A self-starter with strong organizational skills, including the ability to deliver with minimal supervision and experience in working in an onsite-offshore model.
  • Expert knowledge and hands-on experience of penetration tools such as Kali Linux, Burp Suite, Nessus, Metasploit, etc.
  • Expert knowledge of existing and emerging threats, web security principles and attack vectors.
  • Ability to author detailed and articulate penetration test reports, including prescriptive recommendations for remediation options.
  • Extensive knowledge of information and technology security management technologies, methods, standards, and processes as well as knowledge of compliance, legal, internal / external audit & regulatory requirements.
  • Strong expertise with Open Source Security Testing Methodology Manual (OSSTMM), Open Web Application Security Project (OWASP), and National Institute of Standards and Technology (NIST) Special Publications.
  • Strong expertise in the collaboration, facilitation and coordination with the business units for the mitigation of risks.
  • Strong understanding of Application Design, DevOps, TCP/IP fundamentals, network protocols, system administration and network architectures.
  • Experience and exposure to large organizational implementations of vulnerability management programs, with specific emphasis on application security, metrics development and reporting.
  • Experience with programming in at least one of the following: Perl, Python, Ruby, Bash, C or C++, C#, or Java, including scripting and editing existing code.
  • Knowledge of web frameworks such as Spring, Struts, Hibernate, ASP, JSP, etc. and APIs (JSON/REST/SOAP).
  • Understanding of APIs (JSON/REST/SOAP).
  • An aptitude for technical writing, including assessment reports, presentations and operating procedures.
  • Strong problem solving and project execution skills. Ability to handle changing priorities and drive difficult decisions.
  • Ability to solve very complex security issues that span multiple components in an Application infrastructure.
  • Ability to lead and motivate the team to achieve tactical and strategic goals.
  • Knowledge of common information security management frameworks, including but not limited to: ISO 27001/27002, ITIL, COBIT and NIST is desired.
  • Professional security management certification, such as a CISSP, CISM, CEH, OSCP/E, GWAPT, GPEN, or GXPN certification(s) or other similar credentials, is desired.

Experian is an Equal Opportunity Employer. Anyone needing accommodation to complete the interview process should notify the talent acquisition partner. The word "Experian" is a registered trademark in the EU and other countries and is owned by Experian Ltd. and/or its associated companies.


EOE including Disability/Veterans

