Procter & Gamble Application Security Leader in Cincinnati, Ohio

The Application Security Leader is responsible for the strategic direction that integrates Application Security into every stage in the software development process that protect business-critical applications used to conduct business, as well as responsible to build and sustain Application Security competence in the organization. This includes the required capabilities for Application Security controls verification, Ethical Hacking, Code Scanning, and the associated work processes to ensure sustainability of secure applications and risk profiling.

Our Technical Competencies and Experience

Strong technical knowledge and demonstrable experience in each of the following areas (1 or more of each domain):

SAP Security; Strong knowledge of BASIS controls and ABAP programing

Programming Languages; Java, Python, PHP, C , Perl, Ruby

Operating Systems: Unix, Windows, Linux (Kali preferred)

Mobile: iOS, Android Security; Tools: Appium, Calabash, Experitest

SAST Tools: AppScan, Fortify, Veracode, OWASP (various)

SDLC Methodoligies - Agile, Extreme Programming, Scrum, Lean Software Development, Crystal Methodologies, Feature Driven Development, and Dynamic Systems Development Methodology

Network: WAF - f5, Radware, Fortinet, Imperva

Various: Identity & Authentication controls for applications (group management, application/service account administration)

Cloud Computing Security: AWS WAF and AZURE

Encryption: Symmetric, Asymmetric, and Hashing algorithms

Application Servers: Tomcat, Jetty, Jboss, Glassfish, etc.

Databases: Oracle RDBMS, MS SQL, IBM DB2, MySQL, etc

.

Demonstrable experience of and alignment to national and international laws, regulations, policies, ethics, strategies and methodologies as they relate to cybersecurity (e.g. OWASP, ISO 27001/27001, ITIL, COBIT, and NIST)

Experience with the application of security architecture/programming concepts and principles, including: Software security integration into SDLC - OWASP SAMM, ISO/IEC 15408, NIST SP 800-64, MS Security Development Lifecycle: Secure Software Concepts, Secure Software Requirements, Secure Software Design, Secure Software Implementation/Programming, Secure Software Testing, Secure Lifecycle Management, Software Deployment, Operations, Maintenance, Supply Chain and Software Acquisition

Demonstrable experience in strong decision-making skills and the ability to effectively communicate with individuals across all levels the organization. Excellent written and verbal communications skills. Ability to adjust to changing priorities while multitasking effectively. Ability to design, evaluate and document processes and lead teams in accomplishing process review and improvement

Excellent delivery on dedications, Project Management, establishing Priorities, Deadlines, Issue Management.

Certifications preferred: SAP Security Technology, Certified Information Systems Security Professional (CISSP) Certified Security Software Lifecycle Professional (CSSLP) or equivalent

Qualification Requirements

•Bachelor’s Degree in Information Systems, Information Technology, Computer Science, Engineering, or related fields and/or 7 years meaningful IT experience. •All Information Security roles require CISSP certification. Candidates without the certification must be able to pass the exam within the first 15 months of employment. P&G provides study preparation and exam cost coverage.

Did you know?

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, protected veteran status, disability status, age, sexual orientation, gender identity and expression, marital status, citizenship, HIV/AIDS status or any other legally protected factor.

No immigration sponsorship is available for this position. Procter & Gamble does not sponsor candidates for permanent residency except in some areas that in Procter & Gamble's sole discretion require highly specialized backgrounds.

Procter & Gamble participates in e-verify as required by law.

Qualified individuals will not be disadvantaged based on being unemployed.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, protected veteran status, disability status, age, sexual orientation, gender identity and expression, marital status, citizenship, HIV/AIDS status or any other legally protected factor.

Immigration sponsorship is not available for this role. As a general matter, Procter & Gamble does not sponsor candidates for nonimmigrant visas or permanent residency. However, Procter & Gamble may make exceptions on a discretionary basis. Any exceptions would be based on the Company's specific business needs at the time and place of recruitment as well as the particular qualifications of the individual.

Procter & Gamble participates in e-verify as required by law.

Qualified individuals will not be disadvantaged based on being unemployed.

Job: Information Technology

Title: Application Security Leader

Location: Ohio-Cincinnati

Requisition ID: IT 00001718