Principal Security Engineer I

This posting has been extended beyond the initial anticipated closing date.

JOB SCOPE

This position will be responsible for running, maturing and growing the Charter / Spectrum Application Security Scanning program. Actively identifies, evaluates and implements industry leading application security tools and techniques. Maintains and updates application security processes and procedures, mentors other engineering members of the team and validates scan results for accuracy and completeness.

DUTIES AND RESPONSIBILITIES

• Responsible for evolving, expanding and operating the Spectrum Application Security activities in the Vulnerability Management team.
• Demonstrate application security scanning subject matter expertise across system, application, container, and cloud workloads (AWS preferred).
• Provide executive level communication of Vulnerability Management information with system owners, executive stakeholders and security management.
• Develop and publish KPI’s that monitor the efficacy of the Vulnerability Management activities.
• Be able to analyze the results of application scans, understand the results, eliminate false positives, and advise coding best practices.
• Develop best practices for detecting and remediating secrets including API keys and other credentials.
• Maintain effective processes and procedures for Static and Dynamic code analysis (SAST/DAST), Software Bill of Materials (SBOM), and Software Composition Analysis (SCA).
• Thorough understanding of Web application security concepts, principles and guidelines, such as OWASP.
• Work collaboratively with all levels of the business.
• Adhere to industry specific local, state, and federal regulations, as applicable.

BASIC / MINIMUM QUALIFICATIONS

• Bachelor's Degree in Computer Science, Information Security or related field and/or related work experience
• Minimum of Eight (8) years of IT/Network Engineering experience
• Minimum of Eight (8) years of Cyber Security experience

ADDITIONAL JOB QUALIFICATIONS

• Experience with scanning tools such as: Qualys, Tenable, Rapid 7, Veracode, PrismaCloud, etc.
• Previous experience in a Security Operations team

PREFERRED QUALIFICATIONS

• CISSP certification or other relevant security certifications

WORKING CONDITIONS

• Office Environment
• Minimal Travel Required