Cynet systems Inc
Job Description
Pay Range: $134000yr - $170000yr
The Application and Cloud Security Lead provides technical leadership within the cybersecurity team, overseeing application security and cloud security initiatives.
This role is responsible for building and advancing secure software development practices, strengthening cloud security posture, and leading strategic security programs.
The ideal candidate is a highly technical security professional with experience in secure coding, DevSecOps, and cloud security architecture, capable of mentoring teams and driving enterprise‑level security improvements.
Requirement / Must Have
Strong expertise in application security and cloud security.
Experience building and leading application and/or cloud security programs.
Hands‑on knowledge of secure software development lifecycle (SSDLC).
Expertise with application security testing tools (SAST, DAST, IAST, SCA).
Experience securing CI/CD pipelines and DevSecOps environments.
Proven leadership and mentoring experience.
Experience
Minimum 5+ years of progressive experience in application security, cloud security, or related cybersecurity roles.
Experience leading complex security initiatives and strategic programs.
Experience collaborating with development, DevOps, and operations teams.
Responsibilities
Design and lead application and cloud security programs aligned with business and security objectives.
Lead engineers in executing strategic security roadmaps.
Design, implement, and maintain advanced security controls for applications and cloud environments.
Establish and maintain a secure software development lifecycle including threat modeling, secure coding standards, and testing practices.
Drive implementation and management of Cloud Security Posture Management (CSPM) tools.
Implement and integrate application security testing tools into development workflows.
Conduct and oversee application and cloud security assessments, including penetration testing and code reviews.
Provide technical leadership, guidance, and mentorship to security engineers.
Embed security into DevOps workflows and promote a DevSecOps culture.
Research, evaluate, and recommend new security technologies and methodologies.
Respond to and lead remediation of complex application and cloud security incidents.
Collaborate with vendors, partners, and stakeholders to align with industry best practices.
Ensure security solutions are scalable, maintainable, and aligned with established frameworks.
Perform other duties as assigned.
Should Have
Experience with modern architectures, including microservices, APIs, and containers.
Knowledge of container and orchestration security (Docker, Kubernetes).
Familiarity with infrastructure‑as‑code security practices.
Experience participating in industry forums or regulatory discussions.
Skills
Application security and secure coding practices.
OWASP Top 10 and application security frameworks.
Cloud platforms: AWS, Azure, or GCP.
CSPM tools and cloud‑native security services.
CI/CD pipeline security and DevSecOps.
Vulnerability management and threat modeling.
Strong communication, leadership, and project management skills.
Ability to translate technical risks to technical and non‑technical stakeholders.
Proficiency with Microsoft Office (M365) tools.
Qualification and Education
Bachelor’s degree in Information Security, Computer Science, or related field.
Advanced degree or equivalent professional experience preferred.
Relevant certifications preferred: CISSP, CCSP, CSSLP, cloud security certifications, or GIAC certifications.
#J-18808-Ljbffr
The Application and Cloud Security Lead provides technical leadership within the cybersecurity team, overseeing application security and cloud security initiatives.
This role is responsible for building and advancing secure software development practices, strengthening cloud security posture, and leading strategic security programs.
The ideal candidate is a highly technical security professional with experience in secure coding, DevSecOps, and cloud security architecture, capable of mentoring teams and driving enterprise‑level security improvements.
Requirement / Must Have
Strong expertise in application security and cloud security.
Experience building and leading application and/or cloud security programs.
Hands‑on knowledge of secure software development lifecycle (SSDLC).
Expertise with application security testing tools (SAST, DAST, IAST, SCA).
Experience securing CI/CD pipelines and DevSecOps environments.
Proven leadership and mentoring experience.
Experience
Minimum 5+ years of progressive experience in application security, cloud security, or related cybersecurity roles.
Experience leading complex security initiatives and strategic programs.
Experience collaborating with development, DevOps, and operations teams.
Responsibilities
Design and lead application and cloud security programs aligned with business and security objectives.
Lead engineers in executing strategic security roadmaps.
Design, implement, and maintain advanced security controls for applications and cloud environments.
Establish and maintain a secure software development lifecycle including threat modeling, secure coding standards, and testing practices.
Drive implementation and management of Cloud Security Posture Management (CSPM) tools.
Implement and integrate application security testing tools into development workflows.
Conduct and oversee application and cloud security assessments, including penetration testing and code reviews.
Provide technical leadership, guidance, and mentorship to security engineers.
Embed security into DevOps workflows and promote a DevSecOps culture.
Research, evaluate, and recommend new security technologies and methodologies.
Respond to and lead remediation of complex application and cloud security incidents.
Collaborate with vendors, partners, and stakeholders to align with industry best practices.
Ensure security solutions are scalable, maintainable, and aligned with established frameworks.
Perform other duties as assigned.
Should Have
Experience with modern architectures, including microservices, APIs, and containers.
Knowledge of container and orchestration security (Docker, Kubernetes).
Familiarity with infrastructure‑as‑code security practices.
Experience participating in industry forums or regulatory discussions.
Skills
Application security and secure coding practices.
OWASP Top 10 and application security frameworks.
Cloud platforms: AWS, Azure, or GCP.
CSPM tools and cloud‑native security services.
CI/CD pipeline security and DevSecOps.
Vulnerability management and threat modeling.
Strong communication, leadership, and project management skills.
Ability to translate technical risks to technical and non‑technical stakeholders.
Proficiency with Microsoft Office (M365) tools.
Qualification and Education
Bachelor’s degree in Information Security, Computer Science, or related field.
Advanced degree or equivalent professional experience preferred.
Relevant certifications preferred: CISSP, CCSP, CSSLP, cloud security certifications, or GIAC certifications.
#J-18808-Ljbffr