Software Security Assurance Project Manager
Posted 2 weeks ago by 1753433733
Negotiable
Outside
Remote
USA
Summary: UNIVERSAL Technologies is looking for a Software Security Assurance Project Manager with a minimum of 8 years of experience in application security and secure software development. The role involves conducting application security services such as risk assessments and code reviews, while supporting secure development practices across NYC agencies. This is a remote position, and candidates must reside in the EST zone. A valid LinkedIn profile is required for consideration.
Key Responsibilities:
- Perform application security services including risk assessments, architecture reviews, and code review for internal and third-party applications
- Coordinate with developers, project teams, and third-party vendors to assess and guide secure software development and integration
- Provide consultative guidance during the design, development, and deployment phases of new solutions
- Review threat models, validate security controls, and ensure alignment with security policies
- Review and interpret security testing reports and vulnerability findings; assist with risk remediation strategies
- Contribute to improvements in existing AppSec processes, workflows, and documentation
- Help define and expand secure software development lifecycle practices across the organization
- Support the development and refinement of policy and governance documents related to software security
- Track and report on security metrics, status of findings, and overall risk trends
- Support management of tools, resources, and schedules for security testing
Key Skills:
- Minimum 8 years of hands-on experience in application security, secure software development, or security consulting
- Experience conducting security reviews (code, design threat modeling, architecture) for modern applications (web, mobile, cloud-native)
- Strong knowledge of secure development practices, OWASP Top 10, and relevant industry standards
- Ability to clearly communicate technical risks and recommendations to both technical and non-technical audiences
- Familiarity with code analysis tools, vulnerability scanning, and security testing solutions
- Experience collaborating cross-functionally with developers, engineers, and product teams
- Experience working within or alongside DevOps/CI-CD environments
- Familiarity with container security, API security, and cloud-native application architectures (AWS, Azure, Google Cloud Platform)
- Experience supporting security governance or policy development
- Experience with risk exception processes or defining security risk tolerances
- Experience working in large, complex organizations or government/public sector environments
- Experience conducting third-party risk assessments, vendor evaluations, or SaaS security reviews
Salary (Rate): undetermined
City: undetermined
Country: USA
Working Arrangements: remote
IR35 Status: outside IR35
Seniority Level: undetermined
Industry: IT
Detailed Description From Employer:
UNIVERSAL Technologies is seeking a Software Security Assurance Project Manager with at least 8 years of hands-on experience in application security or secure software development projects, performing application security services including risk assessments, architecture reviews, and code review for internal and third-party applications.
This is a remote position based in New York City. Must reside in EST zone. The ideal candidate will have a strong background conducting code and architecture reviews, integrating secure development practices, and supporting security governance across complex enterprise systems. A valid LinkedIn profile is required to be considered.
WHO WE ARE
UNIVERSAL Technologies, LLC is a Women-Owned (M/WBE) IT solutions and consulting company focused on delivering enterprise systems that significantly improve our clients' IT performance. We work across the IT spectrum including Development, Business/Systems/Data Analysis, Project Management, Cybersecurity, Network Engineering, and High-Level System Architecture.
We take pride in placing talented professionals on mission-critical technology projects that drive public sector transformation and operational excellence.
WHAT WE OFFER
Our W2 employees can expect the following benefits:
Competitive pay
Health/Dental Insurance
Group Life Insurance
401K
HSA/FSA
Pre-Tax Transportation Program
Generous Paid Time Off/Holiday Policy
MANDATORY SKILLS/EXPERIENCE Candidates who do not have the mandatory skills will not be considered.
Minimum 8 years of hands-on experience in application security, secure software development, or security consulting
Experience conducting security reviews (code, design threat modeling, architecture) for modern applications (web, mobile, cloud-native)
Strong knowledge of secure development practices, OWASP Top 10, and relevant industry standards
Ability to clearly communicate technical risks and recommendations to both technical and non-technical audiences
Familiarity with code analysis tools, vulnerability scanning, and security testing solutions
Experience collaborating cross-functionally with developers, engineers, and product teams
Experience working within or alongside DevOps/CI-CD environments
Familiarity with container security, API security, and cloud-native application architectures (AWS, Azure, Google Cloud Platform)
Experience supporting security governance or policy development
Experience with risk exception processes or defining security risk tolerances
Experience working in large, complex organizations or government/public sector environments
Experience conducting third-party risk assessments, vendor evaluations, or SaaS security reviews
SCOPE OF SERVICES
New York City Cyber Command within the Office of Technology and Innovation seeks a Software Security Assurance Project Manager to support the adoption of secure-by-design practices into NYC agencies software development lifecycle through the Software Security Assurance Program (SSAP). RESPONSIBILITIES:
Perform application security services including risk assessments, architecture reviews, and code review for internal and third-party applications
Coordinate with developers, project teams, and third-party vendors to assess and guide secure software development and integration
Provide consultative guidance during the design, development, and deployment phases of new solutions
Review threat models, validate security controls, and ensure alignment with security policies
Review and interpret security testing reports and vulnerability findings; assist with risk remediation strategies
Contribute to improvements in existing AppSec processes, workflows, and documentation
Help define and expand secure software development lifecycle practices across the organization
Support the development and refinement of policy and governance documents related to software security
Track and report on security metrics, status of findings, and overall risk trends
Support management of tools, resources, and schedules for security testing UNIVERSAL Technologies is an equal opportunity employer.
This is a remote position based in New York City. Must reside in EST zone. The ideal candidate will have a strong background conducting code and architecture reviews, integrating secure development practices, and supporting security governance across complex enterprise systems. A valid LinkedIn profile is required to be considered.
UNIVERSAL Technologies, LLC is a Women-Owned (M/WBE) IT solutions and consulting company focused on delivering enterprise systems that significantly improve our clients' IT performance. We work across the IT spectrum including Development, Business/Systems/Data Analysis, Project Management, Cybersecurity, Network Engineering, and High-Level System Architecture.
We take pride in placing talented professionals on mission-critical technology projects that drive public sector transformation and operational excellence.
Our W2 employees can expect the following benefits:
Competitive pay
Health/Dental Insurance
Group Life Insurance
401K
HSA/FSA
Pre-Tax Transportation Program
Generous Paid Time Off/Holiday Policy
Minimum 8 years of hands-on experience in application security, secure software development, or security consulting
Experience conducting security reviews (code, design threat modeling, architecture) for modern applications (web, mobile, cloud-native)
Strong knowledge of secure development practices, OWASP Top 10, and relevant industry standards
Ability to clearly communicate technical risks and recommendations to both technical and non-technical audiences
Familiarity with code analysis tools, vulnerability scanning, and security testing solutions
Experience collaborating cross-functionally with developers, engineers, and product teams
Experience working within or alongside DevOps/CI-CD environments
Familiarity with container security, API security, and cloud-native application architectures (AWS, Azure, Google Cloud Platform)
Experience supporting security governance or policy development
Experience with risk exception processes or defining security risk tolerances
Experience working in large, complex organizations or government/public sector environments
Experience conducting third-party risk assessments, vendor evaluations, or SaaS security reviews
New York City Cyber Command within the Office of Technology and Innovation seeks a Software Security Assurance Project Manager to support the adoption of secure-by-design practices into NYC agencies software development lifecycle through the Software Security Assurance Program (SSAP). RESPONSIBILITIES:
Perform application security services including risk assessments, architecture reviews, and code review for internal and third-party applications
Coordinate with developers, project teams, and third-party vendors to assess and guide secure software development and integration
Provide consultative guidance during the design, development, and deployment phases of new solutions
Review threat models, validate security controls, and ensure alignment with security policies
Review and interpret security testing reports and vulnerability findings; assist with risk remediation strategies
Contribute to improvements in existing AppSec processes, workflows, and documentation
Help define and expand secure software development lifecycle practices across the organization
Support the development and refinement of policy and governance documents related to software security
Track and report on security metrics, status of findings, and overall risk trends
Support management of tools, resources, and schedules for security testing UNIVERSAL Technologies is an equal opportunity employer.