FirstBank Jobs

Job Classification:
Technology - Agile, Delivery, & Product
Are you interested in building capabilities that enable the organization with innovation, speed, agility, scalability and efficiency? The Global Technology team takes great pride in our culture where digital transformation is built into our DNA! When you join our organization at Prudential, youll unlock an exciting and impactful career all while growing your skills and advancing your profession at one of the worlds leading financial services institutions.
Your Team & Role
As the Director and Product Owner of Application Security in the Attack Surface Management organization, you will partner with other securityprofessionals across the Information Security Office, the Chief Technology Office, and other engineering groups in Prudential to lead Prudentials application security program. In this role, you would be responsible to lead our efforts in securing modern applications, and ensuring secure by design development best practices across all digital assets in alignment with industry standards. You will set strategic direction and define outcome-based measurements and monitoring to track and govern risk reduction. You will work with partner organizations to consult on implementation patterns and controls for enforcement and monitoring.
The ideal candidate will have a deep understanding of modern application architecture, cloud-native security and DevOps practices. Forward-thinking is required for this role to include focus on how to securely develop AI systems and incorporate capabilities for Security Operations to scale and defend against evolving threats.
Responsibilities include:
Developing self-service remediation guidance by incorporating AI/ML capabilities
Establishing threat modeling at scale
Lead the standards and policy for secure modern application architectures, including cloud native, AI and microservices-based systems
Maturing existing vulnerability and configuration monitoring capabilities for open source, third party and first party code and applications.
Ensuring the adoption of secure-by-design principles and practices throughout the software development lifecycle.
The candidate must have a global view of operations and how to align with different operational models.
Establishing a Security Champions program to facilitate improvements in secure coding practices and securing systems against modern threats
Govern and enable risk-based reporting based on SAST, DAST, IAST, SCA, MAST, pen-testing assessments. Create power BI dashboards to simplify reporting for ASPM, providing business context and prioritization to support remediation.
Collaborate with incident response teams to respond to security incidents and implement application mitigations
Develop and deliver role-based application security training courses focused on developers and product owners
Stay current with emerging threats and technologies and advise on strategic investments and requirements for application security tools and services
In addition to deep technical expertise and experience, you will bring excellent problem solving, communication and teamwork skills, along with agile ways of working, strong business insight, an inclusive leadership attitude and a continuous learning focus to all that you do.
Here is What You Can Expect on a Typical Day
Primary stakeholder for Application Security programs and initiatives, including but not limited to:
Partner with stakeholders to establish preventive controls for systemic issues identified by the Offensive Security team
Oversee the application related requirements for orchestration and workflow tools needed to assess application security posture.
Work with the ASM Chief Product owner to manage priorities needed to achieve application security outcomes.
Update and maintain standards, tools, and procedures.
Provide mentorship, training, and guidance for team members, including periodic reviews and individual development plans.
Support managers and Prudential leadership on new initiatives and opportunities to mature and transform our security practices.
Collaborate with stakeholders (business and technical) to coordinate assessments, validating vulnerability reports/findings, and influencing remediation.
Ensures proper communication of the programs results, opportunities, and deficiencies, as needed, to Prudential upper management
Proactively research and embrace best practices to stay current with current threats. Actively assess Prudentials risk and work with teams to implement and validate controls as necessary.
Actively review application attack surface across ASPM tools and address areas of non-compliance and high risk.
Leverage tool/process specific knowledge to resolve complex technical/process/people problems the team faces.
Leverage organizational and industry knowledge to bridge gaps between the Security teams and internal IT/business teams to ensure the team has the information and resources they need to meet team goals.
Partner with leadership to set direction for the future of Application Security program, while ensuring an accurate understanding and in-depth knowledge of daily operations to provide team recommendations.
Bring a deep understanding of relevant and emerging technologies, give technical direction to team members, and embed learning and innovation in the day-to-day
Maintain a broad knowledge of innovative security principles and theory
The Skills & Expertise You Bring
Bachelor of Computer Science or Software Engineering or experience in related fields
Proven ability to lead large corporate programs with minimal guidance and effectively leverage diverse ideas, experiences, thoughts and perspectives...

Equal Opportunity Employer - minorities/females/veterans/individuals with disabilities/sexual orientation/gender identity