Application Security Solution Architect
Denver, Illinois, United States of America
Full Time
1 hour ago
$140,500 - $205,000 USD
Visa Sponsor
Key skills
CloudLeadershipCommunicationPresentation SkillsOWASPPenetration Testing
About this role
Role Overview
- Analyze, design, develop, and deliver secure application security solutions
- Support with creating new and leveraging existing secure patterns to optimize application security designs that align to business requirements
- Manage all aspects of delivery of solution design, including capturing security requirements, identifying risks & opportunities, and alignment to application security policy
- Cross collaborates with line(s) of business teams, as well as other security and IT support functions
- Serve as a technical security design resource through the Software Development Lifecyle
- Maintain thought leadership role in application security technology, remaining up to date on offerings of various service providers
- Maintain overall product design documentation and take responsibility for the solution architecture of application security platforms and components that comprise it
- Provide expert level guidance on application security design decisions, standards, and operational practices
- Be an active member of secure by design center of excellence to define and govern best practices in software development platforms engineering, operations, design patterns, and governance
- Drive discussions in architecture review board by developing platform architecture artifacts and influencing architectural decisions
- Maintain blueprints, portfolio level designs, and reference architecture of application security products
- Work with teams that have high application complexity to provide guidance on application security platforms and escalate risks and issues as appropriate
- Communicate problems, risks, and challenges to drive discussions across key stakeholders – engineering, operations, developers, information security, and senior leadership
Requirements
- Knowledge and understanding of Application Security specific laws, rules, regulations, and Guidelines such as OWASP, NIST, ISO/EC, CIS, SOX, OCC, PCI, DGPR, FISMA, FFIEC within the financial services sector
- Possession of CISSP certification would be an advantage
- Knowledge of application security and pen testing methodologies, techniques, and technologies
- Knowledge of software development lifecycle related tools and methodology which support automated security compliance integration within different pipeline solutions would be an advantage
- 5+ years relevant hands-on experience in application security fields in a large and complex organization
- Security knowledge which covers core technology infrastructure, cloud technologies, and application security practice
- Experience with application development tools, Static and Dynamic Application Security Testing, Bill of Materials, Penetration Testing, Threat Modeling, common development Pipelines, and common cloud and on-premise designs and architectures
- Proficient in articulating facts and data-driven plans and ability to partner with stakeholders to implement intended solutions to drive risk reductions and adherence to relevant Secure by Design requirements within
- Strong attention to detail and advanced analytical skills
- Excellent communication and presentation skills
- Excellent organizational skills and be able to effectively prioritize multiple tasks
- Hands on experience and involvement in large and complex projects
- Proficient in data management which includes strong data analytical capabilities with advanced understanding of the collection and management of metadata.
Tech Stack
- Cloud
Benefits
- Employees are eligible for an annual discretionary award based on their overall individual performance results and behaviors
- Access to paid time off
- Resources and support to our employees so they can make a genuine impact and contribute to the sustainable growth of our business and the communities we serve.