Lazard is one of the world’s leading financial advisory and asset management firms. Our people make the difference. With just over 3,000 employees, our tight-knit community allows for professionals eager to learn and willing to teach to connect and grow together. We believe that diversity, equity, inclusion, and allyship are not just business imperatives — they are central pillars of our employee experience. Our entrepreneurial culture and flat structure allow creative ideas and original concepts to drive our business forward — and for careers to take flight.

Lazard is a forward-thinking organization dedicated to modernizing our development practices and enhancing our security posture. We are in the midst of a transformative journey, transitioning to Azure while maintaining our existing footprint in AWS and on-premises VMware environments. As part of this transformation, we are seeking an Application Security Expert who will focus on developer experience and application security.

The VP InfoSec Application Security will be responsible for representing Information Security with the developer community, ensuring secure best practice programming methods are followed, and improving security within the developer community.

Key elements of this role include:

• Liaison Role: Act as a liaison between the Business Information Security Officers (BISOs) and developers to address and resolve development-related security issues.
• Developer Engagement: work together with developers and their leads to improvement in application security and overall security posture.
• Application Security Leadership: Lead the implementation and management of application security tools and practices, including Trufflehog, Contrast Security, Panoptica, and GitLab.
• Developer Collaboration: Work closely with developers to integrate security into the software development lifecycle, ensuring secure coding practices and fostering a culture of security awareness.
• Security Compliance: Develop and enforce security/compliance frameworks, SBOM, fuzz testing, code coverage, and other security best practices.
• Logging and Monitoring: Implement and manage logging and monitoring solutions using Sumo Logic and Datadog.
• Open-Source Management: Serve as the process owner, policy owner, and infosec review owner for open-source usage within the organization.
• Security Incident Response: Assist in security incident response efforts, ensuring timely identification, containment, and remediation of security incidents.
• Compliance Management: Ensure compliance with relevant regulations such as GDPR, DORA, and others.

You’ll need to have:

• Bachelor’s degree in computer science, Information Security, or a related field (or equivalent experience).
• Minimum of 5 years of experience in application security, with a strong focus on developer experience and developer centric mindset.
• A security certification, such as Security+ or CCSP are a must. Additional security certifications are a plus.
• At least one cloud certification, such as Azure Architect, Azure Developer, AWS DevOps Engineer, or similar is required.
• Proven track record of implementing and managing security tools and frameworks in a complex environment.
• Excellent communication and collaboration skills, with the ability to work effectively with cross-functional teams.
• Languages: Proficiency in at least one of these languages: Python, Java, .Net, and JavaScript, and ability to actively develop.
• Compute Platforms: Experience with Azure, AWS, and Kubernetes (K8S).
• Identity and Access Management: Familiarity with EntraID.
• Strong understanding of ITIL and Agile methodologies.

What we offer

We strive to enhance the total health and well-being of our employees through comprehensive, competitive benefits. Our goal is to offer a highly individualized employee experience that enables you to balance your commitments to career, family, and community. When you work for Lazard, you are working for an organization that cares about your unique talents and passions, and will continue to invest in the development of your career.

We expect the base salary range for this role to be approximately $150,000-$175,000 USD. Various factors contribute to determining the actual base compensation offered, including but not limited to the applicant’s years of relevant experience, career tenure, qualifications, level of education attained, certifications or other professional licenses held, relevant skills for the role. Base salary is one component of Lazard’s compensation package, which also includes comprehensive benefits and may include incentive compensation.

Inclusion at Lazard

Lazard is an intellectual capital business focused on delivering the best advice and solutions to clients. Achieving these objectives requires us to identify, develop and retain the best talent. A workforce comprised of people with varied backgrounds and experiences creates a rich diversity of thought that empowers us to challenge conventional wisdom, as diverse perspectives lead to better decisions.

Our appreciation of diversity’s strength is ingrained in our multicultural heritage. As a global firm that has grown organically from local roots in different countries, we have a deep tradition of respect for individual differences, which has been core to our success for 175 years.

The ongoing cultivation of an inclusive culture are essential to our continued growth. We are committed to sustaining an environment in which all employees – regardless of socioeconomic status, race, ethnicity, nationality, religion, gender, gender expression, sexual orientation, physical abilities, veteran or military status – can maximize their individual potential, as well as our collective success.