Director, Application Security

Job Description

UTA looking for a Director of Application Security to own and build our application security program from the ground up. You will use your AppSec expertise and broad security experience to build innovative tooling and strategies around our development and data protection efforts to build a best-in-class AppSec program. You will be instrumental in helping to shape product strategy. Along the way, you will be a leader and key contributor across ALL aspects of our security program and drive our strategies to protect the assets of our cloud-first enterprise. Your role will be a vital connection and orchestration point for security initiatives across the business.

What You Will Do
• Build out the organization's application security fundamental strategy and develop realistic roadmaps and priorities
• Partner with DevOps to design and build scalable and automated security toolsets, processes, and infrastructure as part of a continuous integration and continuous delivery (CI/CD) pipeline
• Collaborate with engineering, product, and cross-functional teams to help them prioritize real-world security issues while balancing the goals of the business
• Evaluate and select new technologies, tools, and vendors to help manage the continual improvement of application security practices and platforms
• Execute your vision and help decide what security issues the organization should prioritize
• Be hands-on and able to deep-dive technical security findings while you mature the program to track from identification and help the engineers get to remediation
• Scale security efforts by influencing and empowering engineering teams with the right guidance, patterns, and training
• Expand and lead AppSec's scope to include data protection, privacy, third party risk, and general risk reduction
• Act as a trusted consultative partner for all security strategies including zero trust, automation, and policy
• Your work will encompass and affect all security initiatives including DevOps, Zero Trust, automation, privacy, and more.

What You Will Need
• 7+ years relevant application or product security experience with technical hands on AppSec skills and a deep understanding of various AppSec strategies and their trade offs
• Deep experience with one or more AppSec tools such as SAST, DAST, or IAST
• Experience with modern software development practices
• In-depth knowledge and experience of CI/CD best practices
• Knowledge of OWASP top-10 but also a deep understanding of web application and mobile app vulnerabilities and how those translate to real life
• Web application security, API hardening, secure data storage/transmission/processing principles, container security, DevSecOps, security automation
• Offensive security skills, application testing, penetration testing, reverse engineering
• Expertise in application security but also breadth of knowledge across multiple Information Security domains and depth in a few
• Cloud infrastructure operations and architecture
• Identity management and authentication protocols
• Data protection schemes, data privacy best-practices, information risk management
• Common application technologies including Github, CircleCI, Netlify, MongoDB, Express/React/Node.js, Docker, Azure, Terraform
• Development experience with at least one modern language such as JavaScript, Python, Ruby, etc

What You'll Get
• Have a meaningful and positive impact on the security of our colleagues and clients
• Be comfortable dealing with ambiguity and independent decision making
• Be challenged to identify, build, test, and deploy solutions in real-life, not in theory
• Be encouraged to innovate and take ownership
• Be given the opportunity to rapidly accelerate your security, technology, and management skills
• Have the freedom to experiment with novel problem-solving approaches
• Contribute to all security-related initiatives - both tactical and strategic
• Be exposed to emerging security and business technologies
• Have access to best-in-class tooling and people
• Grow and learn on the job, every day
• The unique and exciting opportunity to work at one of the leading global entertainment companies
• Access to the tools, leadership, and resources you will need to create and drive a center of excellence
• The opportunity to do the best work of your career
• Work in an inclusive and diverse company culture
• Competitive benefits and programs to support your well-being

About UTA

UTA is one of the world's leading talent and entertainment companies. We help the world's most inspiring people make the world a more inspiring place. Many of our colleagues spend their careers here. It's one of the reasons UTA is considered among the entertainment industry's best places to work.

At UTA, the belief in the client relationship is paramount and marked by respect, a sense of stewardship, and a commitment to an artist's entire creative life. Our commitment to every employee is the same.

For more information: https://www.unitedtalent.com/about/

UTA and its Affiliated Companies are Equal Employment Opportunity employers and welcome all job seekers including individuals with disabilities and veterans with disabilities.

Jobcode: Reference SBJ-r1o7mx-3-133-147-87-42 in your application.