• Bachelor’s degree and at least 6 years of experience in IT Security OR a High School Diploma/GED and at least 9 years of experience in IT Security
• At least 5 years of experience with security/cyber forensics, threat hunting, incident response analysis, and/or Information security consulting
• Experience establishing & maintaining relationships with individuals at all levels of the organization, including the executive level.
• Experience diagnosing, isolating, and resolving complex issues and recommending and implementing strategies to resolve problems"
• Experience leading cross-functional teams
• At least 2 years of experience contributing to financial decisions in the workplace.
• At least 3 years of direct leadership, indirect leadership and/or cross- functional team leadership.
• Willing to travel up to 10% of the time for business purposes (within state and out of state)

• 5+ years of experience in application security, vulnerability management, or secure software engineering.

• Strong knowledge of automation engineering and vulnerability scanning tools, especially Rapid7 InsightVM and Microsoft Defender.

• Strong proficiency in Excel (pivot tables, lookups, data modeling) and Power BI.

• Demonstrated experience translating raw security data into clear, prioritized, and contextualized risk metrics automatically

• Deep understanding of OWASP, MITRE ATT&CK, and CWE frameworks.

• Experience working with engineering teams to remediate findings

• Familiarity with software and OS lifecycle management and how it impacts application security.

• Background in software development or scripting (e.g., Python, PowerShell)

• Experience in regulated environments (e.g., PCI, HIPAA).

• Knowledge of asset management and CMDB platforms (e.g., ServiceNow).

• Industry certifications such as GWAPT, OSWE, CSSLP, or CISSP with a focus on AppSec.

Why Join Us?

• Help shape a security-first engineering culture.

• Work with experienced teams in security, IT, and product development.

• Contribute to meaningful improvements in application security across a complex and evolving enterprise landscape.

We will consider employment of qualified applicants with arrest and conviction records.