Offer summary

Qualifications:

Minimum of 8 years of experience in application security or security consulting., Proficiency in conducting security reviews for web, mobile, and cloud-native applications., Strong knowledge of secure development practices, OWASP Top 10, and relevant security standards., Ability to communicate technical risks effectively to both technical and non-technical audiences..

Key responsibilities:

Perform application security assessments including risk and architecture reviews.

Coordinate with development teams and vendors to ensure secure software development.

Review threat models and security testing reports to identify vulnerabilities.

Contribute to the development of security policies and improve existing security processes.

Job description

Description

Position at Zones LLC.

Company Overview:

When it comes to IT solution providers, there are a lot of choices. But when it comes to providers with innovative and differentiating end-to-end service offerings, there’s really only one: Zones – First Choice for IT.^TM

Zones is a Global Solution Provider of end-to-end IT solutions with an unmatched supply chain. Positioned to be the IT partner you need, Zones, a Minority Business Enterprise (MBE) in business for over 35 years, specializes in Digital Workplace, Cloud & Data Center, Networking, Security, and Managed/Professional/Staffing services. Operating in more than 120 countries, leveraging a robust portfolio, and utilizing the highest certification levels from key partners, including Microsoft, Apple, Cisco, Lenovo, Adobe, and more, Zones has mastered the science of building digital infrastructures that change the way business does business ensuring whatever they need, they can Consider IT Done. Follow Zones, LLC on Twitter @Zones, and LinkedIn and Facebook.

Position Overview:

Term: 2 years

Location: New York - remote

Pay: $90.00 - $110.00; commensurate with experience

Hours: normal business hours

Cyber Command is in urgent need for software security assurance project managers. These resources will be essential to protect sensitive data, ensure essential service continuity, and maintain public trust by proactively mitigating cyber threats and vulnerabilities in the City’s digital infrastructure.

What you’ll do as the Project Manager:

The requirements below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. This job description is not intended to be a comprehensive list of the duties and responsibilities of the position, and the duties and responsibilities may change without notice.

Perform application security services including risk assessments, architecture reviews, and code review for internal and third-party applications
Coordinate with developers, project teams, and third-party vendors to assess and guide secure software development and integration
Provide consultative guidance during design, development, and deployment phase of new solutions
Review threat models, validate security controls, and ensure alignment with security policies
Review and interpret security testing reports and vulnerability findings, and assist with risk remediation strategies
Contribute improvements in existing AppSec process, workflows, and documentation
Participate in defining and expanding secure software development lifecycle practices across the organization
Support the development and refinement of policy and governance documents related to software security
Track and report on security metrics, status of findings, and overall risk trends
Support management of tools, resources, and schedules for security testing. What you will bring to the team:
At least 8 years of hands-on experience in application security, secure software development, or security consulting
Experience conducting security reviews (code, design threat modeling, architecture) for modern applications (web, mobile, cloud-native)
Strong knowledge of secure development practices, OWASP Top 10, and relevant standards
Ability to communicate technical risks and recommendations clearly to technical and non =technical audiences
Familiarity with tools used in code analysis, vulnerability scanning, and security testing
Experience working cross-functionally with developers, engineers, and product teams

Zones offers a comprehensive Benefits package

While we’re committed to providing top-tier solutions, we’re just as committed to supporting our own team. As a valued team member, you will be eligible for a comprehensive benefits package that includes medical coverage, as well as state-mandated sick leave, along with other benefits designed to support your well-being and work-life balance. And as a Minority Business Enterprise, a Corporate Plus member of the Northwest Minority Supplier Development Council, and an Equal Employment Opportunity Employer, our community is just as diverse.

At Zones, work is more than a job –with exciting careers with a global team who are client centric, have a passion for tech, who embrace change and lifelong learning in a collaborative culture. If you’re interested in working on the cutting edge of IT innovation, sales, engineering, operations, administration, and more, Zones is the place for you!

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran status or on the basis of disability.

Zones participates in E-Verify. E-Verify is a system that compares information from a team member’s Form I-9 to federal records to confirm their eligibility to work in the United States.

Required profile