Software Product Security Specialist (Application Security)-Perm

Please note that this is a perm Product Security position and not a Corporate IT Security position. Also, it relates to Application Security, as opposed to Network Security or System Security.

Location: Burlington, MA USA

My client is looking for a Software Product Security Specialist to help define and evangelize security best practices for all delivery models. As a member of the Application Security and Compliance team, you will guide our software development organization through the product secure development life cycle process. You will provide guidance and expertise on security of products as well as advice to developers on application security best practices. You will prescribe actions, co-establish remediation plans and track progress. You will be aware of industry trends, advances in technology and current threats as they pertain to application security.


You will work with smart and passionate people to deliver results that have a direct impact on the company’s bottom line.

You will take on important and exciting responsibility from day one, working with key stakeholders across the company.

You will be challenged to excel and lead alongside the brightest talent in the industry and be rewarded for your achievements.



Drive consistency and adoption of application security best practices through creation, implementation and execution of policies and procedures

Establish best practices for the efficient management and safeguarding of resources and assure internal controls meet company standards

Performs risk assessment of products to prioritize products requiring security scrutiny.

Conducts security architecture reviews on existing products and offers plans for remediation.

Works with development and testing teams to ensure the use of secure coding practices

Performs code review from a security perspective.

Performs threat modeling activities.



Bachelor of Science degree in Computer Science (or equivalent experience).



Basic Qualifications:

3+ years of experience as a product security professional for a software engineering organization and/or ISV.

Secure software development lifecycle experience and adherence to industry benchmarks (OWASP top 10, SANS top 25, MS SDL, etc.)

Detailed technical knowledge of two or more of the following security activities: product risk assessment, security architecture reviews, security code reviews, and threat modeling.

Experience in using application security tools for both static and dynamic scanning; experience with IBM AppScan is a plus

Knowledge of web and distributed application architecture, programming languages and technology.

Knowledge of Security Assurance and Certification benchmarks (ISO 27034, ISA 62443, etc.)

High energy, focus on delivering results, and ability to self-manage.

Continual drive to increase your knowledge and enhance your skills.

High level of personal integrity, ability to professionally handle confidential matters, and reflect appropriate level of judgment and maturity.

Excellent interpersonal, communication and presentation skills.

Demonstrated ability to convey complex information in a clear and concise manner.


Preferred Qualifications that would be a plus:

Certified Information Security Professional (CISSP), and Certified Information Security Manager (CISM) certifications.

Proficiency in Enterprise System Security including Authentication, Authorization, Permissions, LDAP, Active Directory, OAuth, SAML 2.0 tokens

Experience in implementing dynamic and secure web services; knowledge of WS* Web Services and REST.

Experience with Agile Software Methodology, Scrum, iterative software methodologies.

If interested and more importantly qualified, please send updated resume with contact info to and you will be contacted immediately.

Unfortunately Visa Sponsorship or transfer NOT available for this role.


About vinceter1

On the company side: TechEdge Recruiting delivers with a one on one approach to staffing technical hiring needs for clients throughout New England. With over 15 years of relative industry experience, we will deliver Quality versus Quantity. We have full life cycle recruiting expertise to provide you with a seamless and confidential process from initial interview set up through salary negotiations. We will respond quickly to your planned and unplanned staffing needs. In fact, we often present candidates that you may miss in your internal recruiting efforts. We thoroughly screen and extensively check credentials and references to present candidates who best match your business needs, functional requirements, and company culture. Then, we handle negotiations and monitor satisfaction. We have a diverse client base to draw from in various industries which includes High Tech, Financial Services, Life Sciences, Retail, Manufacturing, Healthcare and Government. Our goal is to provide companies with the talent they need to grow and to enhance the careers of the candidates we represent. We provide the best-suited candidates for you to screen based upon your requirements. We become a partner with your organization to provide you with the most compatible fit for your specific needs. We will make sure each candidate is well informed and qualified for your position. Companies turn to us for our expertise in understanding exactly what they seek (and because we take the time to learn what our candidates seek). We take pride in offering the most effective and discreet placement services available. Because of that, we are able to attract top notch, technology savvy, bright individuals and help them grow in great companies. You pay us NO FEE unless or until you hire our candidate.

Expertise in the following areas:

Database Administration/Development-Oracle, SQL Server

Desktop/Help Desk Support

Network & Infrastructure Engineering-LAN/WAN/SAN, Security, Firewalls, Messaging

System Administration-Unix or Windows based, Linux

Web Development/Software Engineering

SAP/Peoplesoft Consultants

SharePoint Developers, Administrators, Analysts & Architects

On the Candidate side: TechEdge Recruiting works with Information Technology professionals using a one on one approach to assist in attaining your career goals. Our services are effective and discreet. We have a diverse company client base in various industries which include High Tech/Software, Financial Services, Life Sciences, Retail, Manufacturing, Healthcare and Government. Companies turn to us for our expertise in understanding exactly what they seek because we take the time to learn what our candidates seek. We are results oriented and pride ourselves in elevating the careers of talented people. We do this while helping


TechEdge Recruiting Blog

Quality versus Quantity
