Company
Essity
About the Role
The Application Security Lead guides and supports IT teams in the design and implementation of a Secure Software Development Lifecycle. The role also has a broad responsibility to cover tasks in all parts of the Essity Information Security Management Process (ISMP). Each Information Security team member’s responsibility is defined annually and is assigned based on Essity’s current risk exposure as well as the team member’s competences and individual development goals. The job reports to the Director Information Security (CISO).

What You Will Do
- Manage Essity’s application security programs.
- Collaborate closely with multiple development and delivery teams of various software products.
- Continuously drive threat intelligence and technology watch in a selected area.
- Be a trusted security advisor and provide security guidance to Essity colleagues.
- Take decisions based on information security standards and instructions.
- Annually plan and set priorities for security services and programs within own responsibility.
- Assess the need for security documents; develop and maintain information security standards.
- Coordinate more advanced security programs related to application security.
- Evolve Essity’s information security capabilities consistent with the risk portfolio.
- Manage established security services.
- Participate in internal and external audits.
- Monitor compliance with Essity security standards.
- Follow up on remediation activities.
- Compile reports to IT Management providing assurance that InfoSec is being adequately addressed.

Who You Are

Education
- Higher education (at least a bachelor’s degree) in Computer Science, Information Technology, or a related field.
- Professional security certifications such as CISSP or CISA are meritorious.

Work Experience
- Several years of working experience in the areas of software engineering, application security, and ethical hacking.

Functional skills
- Deep understanding of application security related frameworks and maturity models.
- Advanced understanding of the OWASP Top 10 vulnerabilities.
- Experience with DevSecOps practices and AppSec tools (e.g., SAST, SCA, DAST).
- Experience conducting threat modeling.
- Knowledge of programming languages.
- Risk management.
- Skills in several IT security areas.
- Good knowledge of regulatory compliance.

Leadership skills
- Ability to explain complex security concepts in simple terms.
- Quality oriented, with strong documentation and presentation skills.
- Ability to motivate Essity employees to maintain security-conscious behavior.

Languages
- English (fluent)

Application
Interested? Please send your application in English. If you are up for the challenge and think this sounds like you, apply online today! Kindly note that due to data protection we will not accept applications via mail. As we will be making ongoing selections, interviews might start before the application deadline. Please use the link to apply via our career site. We may conduct background checks in the final stages of the recruitment process to verify your qualifications and fit for the role.

Together, we are improving lives, every day.
Working at Essity is not just a career; it is a chance to directly make the world a healthier, more hygienic and safer place. With impactful innovations coupled with sustainable solutions, we strive to reach more people every year with the necessary and essential solutions for well-being.
Lisbon
Our jobs portal is fully automated and finds new job opportunities daily from the companies listed on EVE Score.
Please remember that we do not endorse any websites related to these job opportunities, and stay alert to avoid scams.
A few reminders:
- Never, ever pay anything to apply for a job. Companies should be the ones paying, not you.
- Never agree to buy equipment in order to start a job. This includes buying a laptop or work-from-home equipment.
- Never agree to pay for mandatory training to onboard for a new position (even if they say that they will reimburse you later).
- If the recruiter sends you an email from a domain that is different from the company website, ask them to communicate with you via an email address belonging to the company. Stay away from Gmail, Hotmail, Yahoo or any domain that looks close to that of the company they are portraying.
- Don’t give personal information during the application process (social security number, bank account, home address, date of birth). This could be used to target you through a social engineering attack later on.
- Don’t complete a project for free. Many companies might ask you to take a test, and that’s one thing. But less scrupulous companies will actually ask you to deliver a project for free.