
Posted 6 days ago
Principal InfoSec Engineer Application Security
PMI U.S.Principal InfoSec Engineer Application Security
Requirements
10+ years Information Security experience, IT security assessment expertise, Cloud and infrastructure familiarity, CISA certification, CISSP certification
Skills
Application SecurityThreat ModelingSASTDAST
About the role
Responsibilities
- Identify cybersecurity gaps in new and existing applications via threat modeling, architecture reviews, access model reviews, and configuration reviews.
- Execute security assurance for critical or complex projects, managing the lifecycle from initial risk scoping to final pre-go-live assessments.
- Develop tailored assurance plans for projects adopting new technologies, coordinating with specialized InfoSec teams or external experts.
- Document and demonstrate identified vulnerabilities to stakeholders, advising technology teams on effective and cost-efficient remediation.
- Coordinate with Offensive Security specialists for targeted ethical hacking and integrate findings into project advisories.
- Support the creation of global application security strategies and optimize tools, techniques, and methodologies.
Requirements
- 10+ years of experience in Information Security, specifically within IT risk, assurance, or application security.
- Proven track record of executing complex IT security assessments, including SAST, DAST, and architecture reviews.
- Broad familiarity with application development, cloud environments, and infrastructure.
- Mandatory CISA certification.
- Mandatory CISSP certification.
- Strong communication and negotiation skills to brief upper management and lead technical discussions with architects.
Preferred Qualifications
- CISM certification.
- Experience in a large-scale organization or consulting environment.
Benefits
- Competitive base salary and annual bonus.
- Comprehensive medical, dental, and vision coverage.
- 401k with a generous company match.
- Hybrid work model (Smart Work) promoting flexibility.
- Wellness benefits, commuter benefits, and pet insurance.
- Generous Paid Time Off (PTO).
About the Company
PMI U.S. is part of Philip Morris International, dedicated to building a modern nicotine business and helping make a future without cigarettes a reality. We invest heavily in science and innovation to provide better alternatives for legal-age adults.
ScoutJobs Agent
Get matches like this delivered daily
Sign up free — we'll pull jobs that fit your CV from across the web and rank them for you.
Get started — it's freePrincipal InfoSec Engineer Application Security
PMI U.S. · Tampa
