Manager, Application Security Testing

Life here at Dun & Bradstreet is changing - for the better. With almost two centuries of experience and a new modern vibe, work at D&B has never been more exhilarating. Our purpose is to grow the most valuable relationships in business by uncovering truth and meaning in data. We're wildly passionate about our purpose, and it has us evolving everything we do - from how we engage with our customers to how we energize one another. So if you thrive in a fluid, agile culture but want the solidity of a storied and commanding brand, come join us!

Our Technology Team:
Technology is a global team that creates and operates the systems that deliver D&B data into our customers' ecosystems. We eat, breathe, and dream of technologies that run our business today - and those that will transform the way we deliver value in the future.

The Role:
The Application Security Director will manage and execute various application security initiatives including: application vulnerability scanning, application assessment, penetration testing and remediation management. You will also be responsible for secure application architecture design and reviews. Working with the product development teams, you will establish secure coding practices and developer awareness and training. Our ideal candidate will have extensive experience identifying and protecting against web application and web service security vulnerabilities. This role reports to the Director of Security Architecture and Engineering.

Key Responsibilities:
Manage a small team responsible for delivering the practice of application vulnerability scanning, assessment and penetration testing.
Establish effective tracking and triaging of application security issues and vulnerability findings.
Coordinate the response of application engineering teams by guiding them through the remediation process.
Establish and evangelize secure coding standards, procedures and practices across various application engineering, development and support organizations.
Conduct application architecture reviews and support the engineering teams in designing, developing, and implementing secure applications that follow industry best practices and meet internal and external security standards.
Evaluate, select and deploy application security tools to improve our detection and prevention capabilities.
Represent the Global Security & Risk organization with external auditors, customers and regulators reviewing and validating our application security posture.

Key Requirements:
A Bachelor of Science degree or equivalent.
A minimum of 7 years of experience in Information Technology, with 4+ years focused on Application Security.
Strong program management, people leadership and communication skills.
In-depth experience identifying and protecting against web application and web service security vulnerabilities, including those defined in OWASP Top 10 and SANS Top 25.
Experience in secure application design and development practices.
A professional certification in an information security domain such as CISSP or CISA is preferred.

Dun & Bradstreet is an Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, creed, sex, age, national origin, citizenship status, disability status, sexual orientation, gender identity or expression, pregnancy, genetic information, protected military and veteran status, ancestry, marital status, medical condition (cancer and genetic characteristics) or any other characteristic protected by law. We are committed to Equal Employment Opportunity and providing reasonable accommodations to applicants with physical and/or mental disabilities.

If you are interested in applying for employment with Dun & Bradstreet and need special assistance or an accommodation to use our website or to apply for a position, please send an e-mail with your request to  Determinations on requests for reasonable accommodation are made on a case-by-case basis. 03974
Salary Range: NA
Minimum Qualification
8 - 10 years

Don't Be Fooled

The fraudster will send a check to the victim who has accepted a job. The check can be for multiple reasons such as signing bonus, supplies, etc. The victim will be instructed to deposit the check and use the money for any of these reasons and then instructed to send the remaining funds to the fraudster. The check will bounce and the victim is left responsible.