Demonstrated Experience:

● Minimum of 1-3 years related work experience in Application security, development or equivalent role. ● Building and breaking modern applications (SPAs, mobile apps, APIs, webhooks, etc.) in modern processing environments (CDN, WAF, API gateways, etc). ● Establishing application security practices and technical pipelines, especially integrating useful controls in CI/CD pipelines both on-premise and cloud environments. ● Working with engineering teams to balance ongoing product feature development, technology limitations with security concerns. ● Conducting or being the subject of privacy and/or security audits. ● Ability to produce high quality documentation, reports, procedures and technical specifications to communicate with a wide range of stakeholders. ● Effective at engaging with teams in various functions and across different levels ● Strong organizational skills and ability to prioritize and manage multiple projects simultaneously. ● Excellent analytical and writing skills with an emphasis on communicating complex issues across a wide audience. ● Experience working in an environment that processes PHI and with applicable standards, such as: NIST Privacy Framework, ISO/IEC 27701, ISO 27001, HIPAA, HITRUST, SOC 2.

Licenses/Certifications: The following certifications will help you stand out. ● SANS GWEB, GWAPT ● ISC CSSLP ● OSWE, CASE Java