
Software Security Assurance Project Manager

Molaprise

New York, NY
Full Time
Paid
  • Responsibilities

    Location: Remote

    Duration: 2 Years

     

    SCOPE OF SERVICES

    Seeking a Software Security Assurance Project Manager to support the adoption of secure-by-design practices in NYC agencies’ software development lifecycle through our Software Security Assurance Program (SSAP).

     

    TASKS:

     

    Perform application security services including risk assessments, architecture reviews, and code review for internal and third-party applications

    Coordinate with developers, project teams, and third-party vendors to assess and guide secure software development and integration

    Provide consultative guidance during the design, development, and deployment phases of new solutions

    Review threat models, validate security controls, and ensure alignment with security policies

    Review and interpret security testing reports and vulnerability findings, and assist with risk remediation strategies

    Contribute improvements to existing AppSec processes, workflows, and documentation

    Participate in defining and expanding secure software development lifecycle practices across the organization

    Support the development and refinement of policy and governance documents related to software security

    Track and report on security metrics, status of findings, and overall risk trends

    Support management of tools, resources, and schedules for security testing

     

    MANDATORY SKILLS/EXPERIENCE

    Note: Candidates who do not have the mandatory skills will not be considered

     

    At least 8 years of hands-on experience in application security, secure software development, or security consulting

    Experience conducting security reviews (code, design threat modeling, architecture) for modern applications (web, mobile, cloud-native)

    Strong knowledge of secure development practices, OWASP Top 10, and relevant standards

    Ability to communicate technical risks and recommendations clearly to technical and non-technical audiences

    Familiarity with tools used in code analysis, vulnerability scanning, and security testing

    Experience working cross-functionally with developers, engineers, and product teams

     

    DESIRABLE SKILLS/EXPERIENCE:

    Experience working within or alongside DevOps/CI-CD environments

    Familiarity with container security, API security, and cloud-native application architectures (AWS, Azure, GCP)

    Experience supporting security governance or policy development

    Experience with risk exception processes or helping define security risk tolerances

    Experience in large, complex organizations or government/public sector environments

    Experience with third-party risk assessments, vendor management, or SaaS reviews