We are seeking a Senior Security Engineer who will leverage wide security expertise and influence to enable business line owners of a variety of applications to comply with MBUSA's security policies and guidelines. This position requires a multi-faceted resource with expertise in Information Security and Enterprise Architecture, with strong people skills, who can lead security remediation efforts, influence leaders internally, maintain productive and cordial relationships and stay organized in managing parallel efforts.
Responsibilities
- Lead application security remediation efforts across a broad portfolio of applications
- Support development teams in Vulnerability Management, Security Incident Management, Risk Management and Audit processes
- Collaborate with stakeholders to understand security policy requirements and translate them into technical guidance and an action plan for application owners
- Act as a liaison between the security/EA organization and its business stakeholders
- Translate policy from governance groups at the parent company based in Germany
- Perform security assessments and audits on applications
- Educate and inform employees on security best practices
- Ensure compliance with industry regulations and standards such as GDPR and HIPAA
Requirements
- 3+ years of experience in Information Security, Application Security and Enterprise Architecture
- Expertise in Solution Architecture and application security remediation across large portfolios
- CISSP highly desired
- Strong people skills with the ability to influence internal leaders and maintain productive cordial relationships
- Capability to manage and stay organized across parallel security remediation efforts
- Understanding of Vulnerability Management, Security Incident Management and Risk Management processes
- Familiarity with industry regulations and standards such as GDPR and HIPAA
- English proficiency at B2 level or higher
- Lead application security remediation efforts across a broad portfolio of applications
- Support development teams in Vulnerability Management, Security Incident Management, Risk Management and Audit processes
- Collaborate with stakeholders to understand security policy requirements and translate them into technical guidance and an action plan for application owners
- Act as a liaison between the security/EA organization and its business stakeholders
- Translate policy from governance groups at the parent company based in Germany
- Perform security assessments and audits on applications
- Educate and inform employees on security best practices
- Ensure compliance with industry regulations and standards such as GDPR and HIPAA