Aspen Technology, Inc. Technical Director - CyberSecurity in Bedford, Massachusetts
As a leader of the Application Security and Compliance team, you will provide guidance and your expertise through product secure development life cycle processes, security of products, advice and evangelization of developers on application security best practices, and prescribe actions. We are looking for a sharp, disciplined, application software security subject matter expert (SME) with deep technical expertise in Security, Cryptography, Authentication, Application Security, etc. to fill a security engineering leadership role.
The ideal candidate will have experience in architecting, building and delivering innovative and proactive secure solutions that are resilient to even the most sophisticated attacks of today and tomorrow. As a member of the Technology organization, this position will work closely with application development teams, security engineering, quality assurance, and information security teams across the organization.
You will work with smart and passionate people to deliver results that have a direct impact on the company’s bottom line.
You will take on important and exciting responsibility from day one, working with key stakeholders across the company.
-You will be challenged to excel and lead alongside the brightest talent in the industry and be rewarded for your achievements.
This candidate shall have:
Knowledge of software design principles, architecture guidelines, functioning of middleware & messaging systems, and Service Oriented Architecture (SOA)
The ability to test and verify the security of products, interpret results, identify and characterize fixes, advice and evangelize developers on best practices
The ability to be a cybersecurity change agent capable of defining and executing the strategy for cybersecurity initiatives independently and in alignment with the company business objectives
Thorough knowledge of the complete Secure Development Life Cycle(SDL) and the ability to implement/oversee the packaging and releasing of critical patches, which may include but not be limited to data corruption and security fixes
The ability to anticipate cybersecurity risks: understand how hackers think, business ethics, and the mandate to protect corporate interests
Knowledge of secure development best practices for highly distributed software products that run on-premise as well as in the cloud (IaaS, SaaS).
Knowledge of secure development best practices for Internet of Things (IoT) applications (sensor to edge to cloud). Experience with IIoT applications a plus.
Knowledge in the areas of software and network security, compliance, and control
Knowledge in various security, compliance, and control initiatives
Ability to communicate and collaborate at all levels including executive management, developers, QE engineers, IS and customer facing personnel
Define and execute the strategy for cybersecurity initiatives independently for the Technology organization and in alignment with the company product initiatives
Responsible for the policy, implementation, and oversight of the application security program for the Technology group
Audit compliance with executive, legislative and company mandates affecting cybersecurity programs
Provide leadership to leverage IT resources in order to improve the security of applications being developed
Monitor and evaluate the progress of the cybersecurity initiatives and their accomplishments
Collaborate with peers and development personnel to promote the scalability, configurability, performance, security, customizability, and quality in our products
Support the Technology organization to shape new product directions as well as implement the product strategy with the perspective of ensuring secure applications
Perform periodic reviews and assessments of security architecture of all products and enforce best practices to ensure that appropriate security functions have been included in the application software design and architecture
Adhere to standard processes such as issue tracking, source code control, coding conventions, and the software development life cycle (SDLC)
Optimize and tune performance of products with security features enabled
Direct the development and implementation of the security vulnerability scanning systems and security program within R&D
Advise senior management on major application security decisions
Responsible for the efficient management and safeguarding of resources and assures internal controls meet company standards
Maintain current knowledge of relevant technology as assigned.
10+ years software development experience in one or more of.NET, C/C++ or C#(Java, JEE a plus)
Certified Information Security Professional (CISSP), and Certified Information Security Manager (CISM) certifications would be a very strong plus
Experience in using application security tool, such as IBM AppScanand Rapid7 Appspideris a plus
Demonstrated ability working with Object-Oriented Design and other Software Patterns
Good inter-personal, presentation and communication skills (special skills encouraged)
Experience in architecting, designing, developing, and debugging network-centric distributed software systems for the Enterprise
Experience in dealing with “Continuous Integration/build systems”
Proven history of working well in groups and with off-shore teams
Demonstrated ability to take on and be accountable in delivering initiatives without frequent supervision or assistance
B.S. or higher in Applied Math, Statistics, Computer Science, or related field; though Masters degree is not required, subject matter expertise in application software security is a must
Proficiency in Enterprise System Security is required including Authentication, Authorization, Permissions, LDAP, Active Directory, SAML 2.0 tokens
Experience in implementing dynamic and secure web services; knowledge of WS* Web Services and REST is required. Experience in implementing security around Web Services will be considered plus
Experience Agile Software Methodology, Scrum, iterative software methodologies, and XP (Extreme Programming) would be a plus
Experience developing for and supporting mobile devices
Experience with Open Source in an Enterprise Application Software Development Environment a plus
Thorough understanding of Cryptography and its application in software development
Ability to prioritize and track multiple projects in parallel and experience running development teams using progressive methodologies
Aspen Technology is an Equal Opportunity Affirmative Action employer.
Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Connect With Us!
Not ready to apply?for general consideration.
Req # 9765
# of Openings 1
Job Posting Category Information Technology