Share this Job

Job Title:  Principal Information Security

Location: 

Southlake, TX, US

Remote Options (if applicable):  Flexible remote options

Req ID: 59702

Job Family: Information Technology/Software Development

 

Sabre Corporation is a leading technology provider to the global travel and tourism industry. Headquartered in Southlake, Texas, USA, Sabre operates offices in approximately 60 countries around the world. At Sabre, we make travel happen. Positioned at the center of the business of travel, our platform connects people with experiences that matter in their lives. Today, Sabre is creating a new marketplace for personalized travel. It is our people who develop and deliver powerful solutions that meet the current and future needs or our airline, hotel and travel agency customers. Join our journey! 

Join our Journey

Reports to the Application Security Manager in Sabre’s Risk and Security organization. The ideal candidate is looking for a growth opportunity in the field of Application Security.  

 

  • Under general direction from the Application Security manager, the Application Security Specialist will:
  • Define and collaborate with the Application Security manager and director on strategy and implementation tactics for building the Application Security Roadmap. 
  • Work directly with the Cyber Threat Management team and the Security Architect team for cross Risk & Security organization collaboration. 
  • Mentor other team members in software development best practices to enhance our in-house Appsec projects and lead the development of those in-house projects. 
  • Consult on the remediation and/or mitigation of systems/application vulnerabilities, review application mitigation proposals, and work on application security program automation efforts
  • Onboard, test, operate, and analyze information security tools/systems for application vulnerabilities following established standards and baselines (OWASP, SANS, CERT, etc.)
  • Coordinate with development teams, DevOps, or third parties to conduct application security testing throughout the SDLC and CI/CD cycles
  • Possess general knowledge of secure coding & application security techniques and/or methodologies
  • Recommend and develop security measures to protect applications and data against unauthorized access, modification, or loss
  • Effectively collaborate with 3rd party resources or vendors to accomplish objectives
  • Support and provide accurate and factual metrics & reporting to the team lead, director, developers, and application owners
  • Identify and communicate practical risk regarding application security vulnerabilities to both technical and non-technical audiences

Job Requirements

 

EDUCATION:  Bachelor’s Degree preferred. 

EXPERIENCE:  

  • Minimum 6 years IT software development related experience with 4 years application security experience.
  • Has experience with global outsourcer (general IT, development, or security services) and prior software testing and scripting/development skills
  • Has conducted code reviews and has experience discussing code design/methods with developers
  • Is proficient with security terminology and vulnerability bug classes
  • Has written and debugged script code
  • Has excellent written and verbal communication skills required
  • Has experience in software quality assurance, vulnerability assessment and testing, audit remediation programs, and application-based access controls
  • The ideal candidate will be a self-motivated, critical thinker, who is a continuous learner and has the following experience and skills:
    • Strong software testing and/or application scripting/development background
    • Strong experience in SDLC, CI/CD, and DevOps processes
    • Experience with IAST/SAST/DAST/SCA scanning using Veracode or similar scanning tools
    • Experience with SCA (open source) scanning
    • Practical experience and/or certification in app penetration testing/ethical hacking   
    • Ability to handle multiple operational and/or project assignments and prioritization of short and long-term tasks 
    • Application inventory management; Change management; Application vulnerability management; Vulnerability remediation/mitigation consulting
    • Veracode, Sonatype Nexus, ServiceNow, Linux & Windows, SQL, Burp Suite; Visual Studio, Eclipse, IntelliJ, Kubernetes, GCP, Windows Subsystem for Linux, Google Cloud
    • Java, Python, Go, .Net, C#, C++, PHP, Curl, JavaScript and other general scripting

Benefits

•    Very competitive compensation 
•    Generous Paid Time Off (5 weeks PTO your first year!) 
•    4 days (one per quarter) of Volunteer Time Off (VTO) 
•    We offer a comprehensive medical, dental and Wellness Program
•    Paid parental leave 
•    An infrastructure that allows flexible working arrangements 
•    Formal and informal reward, recognition and acknowledgement programs 
•    Lots of fun and engaging employee development events 

 

Reasonable Accommodation

Sabre is committed to working with and providing reasonable accommodation to applicants with disabilities. Applicants applying for a Sabre position with a disability who require a reasonable accommodation for any part of the application or hiring process may contact Sabre's Compliance Office at compliance.office@sabre.com.

Affirmative Action

Sabre is an equal employment opportunity/affirmative action employer and is committed to providing equal employment opportunities to minorities, females, veterans, and disabled individuals. EEO IS THE LAW

 

Stay connected with Sabre Careers

Facebook Twitter LinkedIn

 

#LI-EM1

#LI-Hybrid

 


Nearest Major Market: Dallas
Nearest Secondary Market: Fort Worth

Job Segment: Information Security, Testing, Developer, Cloud, Quality Assurance, Technology