We are looking for an Application Security Team Lead to join our R&D center.
In this position you will work directly with the CISO and be responsible for defining the application security strategy, while providing technical and professional leadership in order to integrate security controls and capabilities across Via’s R&D teams. This role is an opportunity to work across a variety of areas of the business and have real impact on the company.
What you'll do:
- Set out the application security strategy and framework for Via, based on recognised application security architecture frameworks (e.g. OWASP SAMM, BSIMM), Standards and best practice design principles
- Provide engineering and product teams with the security expertise necessary to develop our products
- Lead and oversight the application security team
- Integrate security tools, standards, and processes into the software life cycle (SDLC)
- Develop a strong security culture and capability and evolve the security champions program
- Perform security design reviews, threat modeling and vulnerability testing, while acting as a security expert for developers
- Enable automated security testing at scale to measure vulnerability, and report on risk across all platforms
- Build the security development training program to train developers on secure coding practices
What you'll bring:
- Strong background in secure application architecture design and threat modeling
- In-depth knowledge of web and mobile application vulnerabilities and security standards and frameworks (e.g. OWASP, NIST, CSC, CIS, etc.)
- Significant experience in implementing security in the software development lifecycle and as part of the CI/CD
- Ability to articulate issues, risks, and propose solutions for various application security problems to developers
- Minimum 2 years of application security leading experience
- Advantage: experience in pen-testing of web and mobile applications
- Advantage: experience working in DevSecOps environment
We’re Via, and we build technology that changes the way the world moves. We pioneered the TransitTech category to ensure that the future of transportation is shared, dynamic public mobility — the kind that reduces carbon emissions across congested cities, minimizes reliance on private cars, and provides everyone with accessible, efficient, and affordable ways of getting around.
With the addition of Remix into our portfolio, we created the first end-to-end TransitTech solution for cities and transit agencies, offering world-class software, service design, and operational expertise to fundamentally improve the way the world moves.
We’re committed to building and nurturing a team as diverse as the communities we serve. Bringing transportation equity to the world begins with championing equal opportunity in our own offices. All backgrounds, identities, and voices are welcomed and celebrated here.
Ready to join the ride?