The Guardian Information Security team employs progressive, dynamic, cutting-edge security assurance measures. This position is located onsite at ReedGroup, a subsidiary company of Guardian Life Insurance Company and is to ensure and enable the alignment of the application security program to the security requirements of our customers.
The successful candidate will be responsible for supporting the following key areas:
* Application, API, and Mobile security testing * Identifying and performing risk-based prioritization of vulnerabilities based on industry standards * Participating in ethical hacking and penetration testing as part of the Red Team * Continued support for migrating into \"DevSecOps\" model * Providing technical expertise to, and potentially running security projects
Skills and Knowledge:
* Work history includes 3-5 years of performing application security assessments and providing SME level support for remediation of findings * Working Knowledge of OWASP methodologies for testing, assessing risk, and improving application security programs * Can determine, defend, and demonstrate the exploitability of a vulnerability and determine residual risk after considering mitigating controls * Strong familiarity or experience with testing APIs and native and web based mobile applications for security defects * Experience developing and continuously improving metrics and communicating the appropriate messaging on the health and progress of the application testing program * Advanced understanding of common IT security controls and frameworks * Familiarity with methods and coding to fix application security issues including experience suggesting code changes to fix security defects * Hands-on experience with application security enterprise grade testing tools and open source testing tools * Familiarity or experience with Penetration testing methodologies and/or Red teaming * Knowledge of concepts for securing networks and systems
* Understanding of the Agile development framework * Proven team player, works well with others but can easily transition to working alone when required * Independent, self-motivated, driven and eager to grow and learn * Expert communicator, able to convey \"technical\" security issues in developer or business terms. * Ability to independently solve problems from definition to closure * Proven ability to multitask in a fast, dynamic environment built on multi-vendor security controls
Education and Experience:
* BA/BS Degree in Information security or equivalent, have some supporting work experience, or alternatively reputable security certifications and equivalent work experience.
* Must have 3 years of experience working within application security discipline * 3 Years leading security initiatives or efforts for a mid to large enterprise
Candidate Identification and Interviews:
The Guardian Talent Acquisition team is partnering with Reed Group Information Security and Guardian Security assurance to rapidly identify viable candidates for this role. Individuals will take part in a multi-tiered interview process, some of which will be on-site in Westminster, CO . Interviews will range from personality based and soft-skill based questions to deeply technical questions and exercises.
Every day, Guardian gives 26 million Americans the security they deserve through our insurance and wealth management products and services. Since our founding in 1860, our long-term view has helped our customers prepare for whatever life brings whether starting a family, planning for the future or taking care of employees. Today, we're a Fortune 250 mutual company and a leading provider of life, disability and other benefits for individuals, at the workplace and through government sponsored programs. The Guardian community of ~9000 employees and our network of over 2750 financial representatives is committed to serving with expertise when, where and how our clients need us. Our commitments rest on a strong financial foundation, which at year-end 2017 included $8.0 billion in capital and $1.6 billion in operating income. For more information, please visit guardianlife.com or follow us on Facebook, LinkedIn, Twitter and YouTube.
Guardian? is a registered trademark of the Guardian Life Insurance Company of America.
Guardian is an equal opportunity employer. All qualified applicants will be considered for employment without regard to age, race, color, creed, religion, sex, affectional or sexual orientation, national origin, ancestry, marital status, disability, military or veteran status, or any other classification protected by applicable law.