Overview
On Site
$Competitive
Accepts corp to corp applications
Contract - Independent
Contract - W2
Contract - 8, 2027
Skills
Code Review
Security Controls
Workflow
Documentation
Reporting
Management
Software Security
Software Development
Threat Modeling
OWASP
Vulnerability Scanning
Security QA
DevOps
Continuous Integration
Continuous Delivery
API
Cloud Computing
Amazon Web Services
Microsoft Azure
Google Cloud
Google Cloud Platform
Information Security Governance
Public Sector
Risk Assessment
Vendor Management
SaaS
Job Details
Scope Of Services
Client seeks a Software Security Assurance Project Manager to support the adoption of secure-by-design practices into the software development lifecycle through our Software Security Assurance Program (SSAP).
Responsibilities:
Perform application security services including risk assessments, architecture reviews, and code review for internal and third-party applications
Coordinate with developers, project teams, and third-party vendors to assess and guide secure software development and integration
Provide consultative guidance during the design, development, and deployment phases of new solutions
Review threat models, validate security controls, and ensure alignment with security policies
Review and interpret security testing reports and vulnerability findings, and assist with risk remediation strategies
Contribute improvements to existing AppSec processes, workflows, and documentation
Participate in defining and expanding secure software development lifecycle practices across the organization
Support the development and refinement of policy and governance documents related to software security
Track and report on security metrics, status of findings, and overall risk trends
Support management of tools, resources, and schedules for security testing
Mandatory skills/experience:
At least 8 years of hands-on experience in application security, secure software development, or security consulting
Experience conducting security reviews (code, design threat modeling, architecture) for modern applications (web, mobile, cloud-native)
Strong knowledge of secure development practices, OWASP Top 10, and relevant standards
Ability to communicate technical risks and recommendations clearly to technical and non-technical audiences
Familiarity with tools used in code analysis, vulnerability scanning, and security testing
Experience working cross-functionally with developers, engineers, and product teams.
Desirable Skills/Experience:
Experience working within or alongside DevOps/CI-CD environments
Familiarity with container security, API security, and cloud-native application architectures (AWS, Azure, Google Cloud Platform)
Experience supporting security governance or policy development
Experience with risk exception processes or helping define security risk tolerances
Experience in large, complex organizations or government/public sector environments
Experience with third-party risk assessments, vendor management, or SaaS reviews.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.