Job added in hotlist
Applied job
Contract job
90-day-old-job
part-time-job
Recruiter job
Employer job
Expanded search
Apply online not available
View more jobs in Chicago, IL
View more jobs in Illinois

Job Details

Penetration Testing and Application Security Manager

Company name
Aon PLC.

Salary
{

Location
Chicago, IL, United States

Employment Type
Full-Time

Industry
It

Posted on
Jul 19, 2022

Apply for this job






Profile

Are you a IT Security Penetration Testing Manager who loves to lead and provide strategic direction? This could be an excellent job for you! As a Restoration and Remediation Lead, you will lead and perform professional services in a data breach consulting environment. You will provide oversight and assistance to our partners during remediation and restoration. This role requires one to actively participate in cyber security events by providing prompt support in response and remediation. You will create and deliver professional presentations to internal and external audiences. The ideal candidate can lead and manage others, by empowering the team, and be a problem solver! Collaborate with partners (Solution Management, Product Management, Engineering, Architecture) to understand the requirements, ensure successful security architecture design, support development and delivery of products. Understand the compliance requirements, define the roadmap to align with the standards and regulations. Collect all the application & infrastructure security risks in a centralized location and works with product teams to prioritize the developments. Raise any major risks through proper channels. Maintain the relationship with third-party vendors providing services to support assessments  Assess applications & infrastructure threat landscape. Run security assessment queue and conducting application security assessment such as Dynamic Analysis, Penetration Testing & Vulnerability Management Lead all aspects of reporting that will provide analytics and metrics to Cybersecurity leadership Demonstrate a high technical level of Web, Thick Client, Mobile, Web Services, API & infrastructure penetration testing and offer expertise for identifying security vulnerabilities, develop documentations, drive remediation and work with others to assist the education of secure software development lifecycle Acts as a mentor for application & infrastructure engineers on security concepts and provide remediation mentorship, assist in the development of application threat modeling and internal software security champion program, support governance and compliance audits related to PCI, HIPAA, Sox and other regulations. Help with security incident response when neededWe value this experience:7 years of demonstrated experience working in Application Security3 years of Application & Infrastructure Penetration Testing and vulnerability management experience.Direct supervision of a distributed team of 5 people across the globe.Domain Expertise in Application Security, Application Penetration Testing, and vulnerability management Designing and implementing security for online multi-tenant systems and on-premises enterprise products, Designing and implementing security within continuous delivery pipelines and robust test automation.Experience with applying security in DevOps (CI/CD, Release/deployment automation), public cloud (AWS, Azure, GCP), Container security technologies, cloud native technologies (Containers, Server less), microservices architecture etc.Good work ethic with the ability to efficiently multitask in a fast-paced environment, clear communication capability to translate cyber security threats from a technical perspective to business-line understanding and execution, A validated history of ability to manage a team and develop talent.Well-developed analytic, qualitative, and quantitative reasoning skills and proven creative problem-solving abilities with complementary skills for log analytics and diagnosis skills applying regular expression and/or scriptingSecurity certifications like CISSP, OSCP, CEH or equivalent strongly preferred are a plus. Submitted CVEs or appeared on a bug bounty hall of fameWe offer youAon provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, age, disability, veteran, marital, or domestic partner status. Aon is committed to a diverse workforce and is an affirmative action employer. Nothing in this job description restricts management's right to assign or reassign duties and responsibilities to this job at any time. #LI-HYBRID#LI-REMOTE#DICE-KH #LI-KH1    2511463,qualifications:UNAVAILABLE,responsibilities:Are you a IT Security Penetration Testing Manager who loves to lead and provide strategic direction? This could be an excellent job for you! As a Restoration and Remediation Lead, you will lead and perform professional services in a data breach consulting environment. You will provide oversight and assistance to our partners during remediation and restoration. This role requires one to actively participate in cyber security events by providing prompt support in response and remediation. You will create and deliver professional presentations to internal and external audiences. The ideal candidate can lead and manage others, by empowering the team, and be a problem solver! Collaborate with partners (Solution Management, Product Management, Engineering, Architecture) to understand the requirements, ensure successful security architecture design, support development and delivery of products. Understand the compliance requirements, define the roadmap to align with the standards and regulations. Collect all the application & infrastructure security risks in a centralized location and works with product teams to prioritize the developments. Raise any major risks through proper channels. Maintain the relationship with third-party vendors providing services to support assessments  Assess applications & infrastructure threat landscape. Run security assessment queue and conducting application security assessment such as Dynamic Analysis, Penetration Testing & Vulnerability Management Lead all aspects of reporting that will provide analytics and metrics to Cybersecurity leadership Demonstrate a high technical level of Web, Thick Client, Mobile, Web Services, API & infrastructure penetration testing and offer expertise for identifying security vulnerabilities, develop documentations, drive remediation and work with others to assist the education of secure software development lifecycle Acts as a mentor for application & infrastructure engineers on security concepts and provide remediation mentorship, assist in the development of application threat modeling and internal software security champion program, support governance and compliance audits related to PCI, HIPAA, Sox and other regulations. Help with security incident response when neededWe value this experience:7 years of demonstrated experience working in Application Security3 years of Application & Infrastructure Penetration Testing and vulnerability management experience.Direct supervision of a distributed team of 5 people across the globe.Domain Expertise in Application Security, Application Penetration Testing, and vulnerability management Designing and implementing security for online multi-tenant systems and on-premises enterprise products, Designing and implementing security within continuous delivery pipelines and robust test automation.Experience with applying security in DevOps (CI/CD, Release/deployment automation), public cloud (AWS, Azure, GCP), Container security technologies, cloud native technologies (Containers, Server less), microservices architecture etc.Good work ethic with the ability to efficiently multitask in a fast-paced environment, clear communication capability to translate cyber security threats from a technical perspective to business-line understanding and execution, A validated history of ability to manage a team and develop talent.Well-developed analytic, qualitative, and quantitative reasoning skills and proven creative problem-solving abilities with complementary skills for log analytics and diagnosis skills applying regular expression and/or scriptingSecurity certifications like CISSP, OSCP, CEH or equivalent strongly preferred are a plus. Submitted CVEs or appeared on a bug bounty hall of fameWe offer youAon provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, age, disability, veteran, marital, or domestic partner status. Aon is committed to a diverse workforce and is an affirmative action employer. Nothing in this job description restricts management's right to assign or reassign duties and responsibilities to this job at any time. #LI-HYBRID#LI-REMOTE#DICE-KH #LI-KH1   ,skills:UNAVAILABLE,workHours:UNAVAILABLE,jobBenefits:UNAVAILABLE,datePosted:2022-07-19T21:14:00 0000,employmentType:FULL_TIME,educationRequirements:UNAVAILABLE,salaryCurrency:USD,baseSalary:{@type:MonetaryAmount,currency:USD,value:{@type:QuantitativeValue,value:0,minValue:0,maxValue:0,unitText:YEAR}},validThrough:2023-07-19T21:16:38.000Z,industry:UNAVAILABLE,hiringOrganization:{@type:Organization,name:Aon Corporation,sameAs:https://jobs.aon.com,logo:https://assets.jibecdn.com/prod/aon/0.0.47/assets/brands/https://aon.icims.com/icims2/servlet/icims2?module=AppInert&action=download&id=1134557&hashed=154379},jobLocation:{@type:Place,address:{@type:PostalAddress,addressLocality:Virtual,addressRegion:Illinois,streetAddress:Virtual,postalCode:60601,addressCountry:United States}}}

Company info

Aon PLC.
Website : http://www.aon.com

Similar Jobs:
Description The Lead Solutions Architect works with user groups to solve business problems with available technology including hardware, software, databases, and peripherals. The Lead Solutions Architect works on problems of dive...
Description The CyberSecurity Operations Center Engineer 2 will become part of a Technology Support And Engineering Team that supports, maintains and establishes technical direction for the Certification Authorities (CA), Registr...
Description We have an exciting opportunity to join our team and be a part of modernization our Data Ecosystem at Humana from an on prem solution to a cloud solution. As a Senior Software Engineer you will be able to utilize your...
I was very pleased with the InformationTechnologyCrossing. I found a great position within a short amount of time … I definitely recommend this to anyone looking for a better opportunity.
Jose M - Santa Cruz, CA
  • All we do is research jobs.
  • Our team of researchers, programmers, and analysts find you jobs from over 1,000 career pages and other sources
  • Our members get more interviews and jobs than people who use "public job boards"
Shoot for the moon. Even if you miss it, you will land among the stars.
InformationTechnologyCrossing - #1 Job Aggregation and Private Job-Opening Research Service — The Most Quality Jobs Anywhere
InformationTechnologyCrossing is the first job consolidation service in the employment industry to seek to include every job that exists in the world.
Copyright © 2024 InformationTechnologyCrossing - All rights reserved. 21 192