IT Application Security Architect (Hybrid)

Essential Functions

:

• Assess the current design and codebase to identify areas in need of improvement. Work with members of project teams to resolve security issues.
• Must work seamlessly with the Eversource developers to ensure the successful adoption of required security approaches and capabilities.
• Conduct threat modeling for new and existing applications. Perform security testing such as static code analysis, pentesting, and dynamic application security testing.
• Apply a cybersecurity background to perform code analysis when resolving false positives and provide remediation recommendations.
• Establish application security requirements based on company standards and industry best practices.
• Develop and maintain infrastructure as code security policies.
• Test and evaluate security tools, and products.

Technical Knowledge/Skill/Education/Licenses/Certifications:

• Bachelor’s degree in Information Systems or a related technical field or equivalent experience

:

• 5+ years applied experience in application security or related position.
• Must have a background performing cybersecurity code analysis. This includes identifying and resolving false positives, explaining vulnerabilities in simple terms to project teams, and providing remediation recommendations to development teams.
• Experience with software composition analysis and tools to scan source and binary code for the purpose of identifying dependency vulnerabilities.
• Experience with implementing and using static and dynamic analysis tools. Experience performing penetration testing is preferred.
• Experience using and/or maintaining Checkmarx, Burp Suite, or Contrast preferred.
• Experience with DevSecOps. Experience with automating security operations within CICD workflows preferred.
• Experience in writing code using a major programming language is preferred. Specifically, .NET.
• Experience with cloud methodology and terminology. Experience working with cloud-based platforms and applications. Experience with Azure is preferred.
• Exhibits an exceptional degree of ingenuity, creativity and/or resourcefulness.
• Produce high quality oral and written work, presenting complex technical matters clearly and concisely with audiences ranging from peers to Sr. Management.
• Familiarity with current and proposed laws, regulations, industry standards, and ethical requirements related to information security and privacy.
• Bachelor's degree or equivalent in Engineering, Computer Science, Data Science or Information Technology is preferred.
• Azure cloud certification(s), or similar cloud certifications preferred.
• Industry security certifications such as CISSP, CCSP, Azure certifications, HTB Certified Penetration Testing Specialist, or OSCP preferred.

Working Conditions:

• Must be available to work emergency restoration assignment as required.
• Must be available to travel between MA/CT/NH as necessary.

#LI-KS1

#corpajd

Competencies:

Build trusting relationships

Manage and develop people

Foster teamwork and cross-functional collaboration

Lead change

Communicate strategic vision

Create an engaged workforce

Focus on the customer

Take ownership & accountability

Compensation and Benefits:

Eversource offers a competitive total rewards program.Check out our careers site for an overview of our benefits programs. Salary is commensurate with your experience. This position is eligible for a potential incentive.The annual salary range for this position is:

$137,730.00-$153,030.00

Worker Type:

Regular

Number of Openings:

1

Emergency Response:

Responding to emergency situations to meet customers’ needs is part of every employee’s role. If employed, you will be given an Emergency Restoration assignment. This means you may be called to assist during an emergency outside of your normal responsibilities, work hours and location.