Cyber Command Software Security Assurance Project Manager Lev.3
Posted 4 days ago by 1753787113
Negotiable
Outside
Remote
USA
Summary: The Cyber Command Software Security Assurance Project Manager Lev.3 is responsible for overseeing application security services, including risk assessments and code reviews, for both internal and third-party applications. This role requires extensive experience in secure software development and collaboration with various teams to ensure secure practices throughout the software lifecycle. The position is remote and requires work during the EST time zone. Candidates must have valid work authorization until September 2027 and provide professional references.
Key Responsibilities:
- Perform application security services including risk assessments, architecture reviews, and code review for internal and third-party applications.
- Coordinate with developers, project teams, and third-party vendors to assess and guide secure software development and integration.
- Provide consultative guidance during design, development, and deployment phase of new solutions.
- Review threat models, validate security controls, and ensure alignment with security policies.
- Review and interpret security testing reports and vulnerability findings, and assist with risk remediation strategies.
- Contribute improvements in existing AppSec process, workflows, and documentation.
- Participate in defining and expanding secure software development lifecycle practices across the organization.
- Support the development and refinement of policy and governance documents related to software security.
- Track and report on security metrics, status of findings, and overall risk trends.
- Support management of tools, resources, and schedules for security testing.
Key Skills:
- At least 15-20 years of hands-on experience in application security, secure software development, or security consulting.
- Experience conducting security reviews (code, design threat modeling, architecture) for modern applications (web, mobile, cloud-native).
- Strong knowledge of secure development practices, OWASP Top 10, and relevant standards.
- Ability to communicate technical risks and recommendations clearly to technical and non-technical audiences.
- Familiarity with tools used in code analysis, vulnerability scanning, and security testing.
- Experience working cross-functionally with developers, engineers, and product teams.
- Experience working within or alongside DevOps/CI-CD environments.
- Familiarity with container security, API security, and cloud-native application architectures (AWS, Azure, Google Cloud Platform).
- Experience supporting security governance or policy development.
- Experience with risk exception processes or helping define security risk tolerances.
- Experience in large, complex organizations and/or government/public sector environments.
- Experience with third-party risk assessments, vendor management, or SaaS reviews.
Salary (Rate): undetermined
City: undetermined
Country: USA
Working Arrangements: remote
IR35 Status: outside IR35
Seniority Level: undetermined
Industry: IT
Detailed Description From Employer:
Position: Cyber Command Software Security Assurance Project Manager Lev.3
Work Location: Remote (Must work on EST time zone)
Duration: 24 months (35 hours/week)
Work Authorization MUST BE valid Till Sept 2027 (no exceptions on this).
Resource Must provide Three (3) Professional References ;
Work Authorization & Valid Photo ID
Scope of Services:
- Perform application security services including risk assessments, architecture reviews, and code review for internal and third-party applications.
- Coordinate with developers, project teams, and third-party vendors to assess and guide secure software development and integration.
- Provide consultative guidance during design, development, and deployment phase of new solutions.
- Review threat models, validate security controls, and ensure alignment with security policies.
- Review and interpret security testing reports and vulnerability findings, and assist with risk remediation strategies.
- Contribute improvements in existing AppSec process, workflows, and documentation.
- Participate in defining and expanding secure software development lifecycle practices across the organization.
- Support the development and refinement of policy and governance documents related to software security.
- Track and report on security metrics, status of findings, and overall risk trends.
- Support management of tools, resources, and schedules for security testing
Must have Skills:
- At least 15-20 years of hands-on experience in application security, secure software development, or security consulting.
- Experience conducting security reviews (code, design threat modeling, architecture) for modern applications (web, mobile, cloud-native).
- Strong knowledge of secure development practices, OWASP Top 10, and relevant standards.
- Ability to communicate technical risks and recommendations clearly to technical and non-technical audiences.
- Familiarity with tools used in code analysis, vulnerability scanning, and security testing.
- Experience working cross-functionally with developers, engineers, and product teams.
- Experience working within or alongside DevOps/CI-CD environments.
- Familiarity with container security, API security, and cloud-native application architectures (AWS, Azure, Google Cloud Platform).
- Experience supporting security governance or policy development.
- Experience with risk exception processes or helping define security risk tolerances.
- Experience in large, complex organizations and/or government/public sector environments.
- Experience with third-party risk assessments, vendor management, or SaaS reviews