Security Assurance Project Manager

Overview

On Site
$DOE
Accepts corp to corp applications
Contract - Independent
Contract - W2
Contract - 24 month(s)

Skills

Azure
GCP)
Application Security AppSec Reviews Secure Software Development Security Architecture Review Code Review (Static & Dynamic Analysis) Threat Modeling Vulnerability Assessment Risk Assessment & Mitigation Secure SDLC (Software Development Lifec
SAST / DAST Tools (Veracode
Checkmarx
Fortify
Burp Suite
OWASP ZAP) Vulnerability Scanners Code Analysis Tools Security Testing Tools DevSecOps / CI-CD Integration Container Security (Docker
Kubernetes) API Security Cloud Security (AWS

Job Details

Job Title: Security Assurance Project Manager

Duration: 24 Months

Location: Remote

Job Duties and Responsibilities:

  • Perform application security services including risk assessments, architecture reviews, and code review for internal and third-party applications
  • Coordinate with developers, project teams, and third-party vendors to assess and guide secure software development and integration
  • Provide consultative guidance during design, development, and deployment phase of new solutions
  • Review threat models, validate security controls, and ensure alignment with security policies
  • Review and interpret security testing reports and vulnerability findings, and assist with risk remediation strategies
  • Contribute improvements in existing AppSec process, workflows, and documentation
  • Participate in defining and expanding secure software development lifecycle practices across the organization
  • Support the development and refinement of policy and governance documents related to software security
  • Track and report on security metrics, status of findings, and overall risk trends
  • Support management of tools, resources, and schedules for security testing

Required Skills:

  • At least 8 years of hands-on experience in application security, secure software development, or security consulting
  • Experience conducting security reviews (code, design threat modeling, architecture) for modern applications (web, mobile, cloud-native)
  • Strong knowledge of secure development practices, OWASP Top 10, and relevant standards
  • Ability to communicate technical risks and recommendations clearly to technical and non-technical audiences
  • Familiarity with tools used in code analysis, vulnerability scanning, and security testing
  • Experience working cross-functionally with developers, engineers, and product teams

Desirable Skills:

  • Experience working within or alongside DevOps/CI-CD environments
  • Familiarity with container security, API security, and cloud-native application architectures (AWS, Azure, Google Cloud Platform)
  • Experience supporting security governance or policy development
  • Experience with risk exception processes or helping define security risk tolerances
  • Experience in large, complex organizations or government/public sector environments
  • Experience with third-party risk assessments, vendor management, or SaaS reviews

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.